Full Disclosure mailing list archives

Re: [fd] Re: SoBig.F strange problem

From: "Mike Vasquez" <mike () blakogre com>
Date: Wed, 20 Aug 2003 10:35:00 -0700

Hrm.  So you send emails to the sender, when the sender was forged, creating
more unnecessary traffic.

----- Original Message ----- 
From: "Stephen Clowater" <steve () stevesworld hopto org>
To: <full-disclosure () lists netsys com>

I started getting 1000-2000 an hour yesterday, I just went to all the

border

routers and put a filter on 25 to drop those connections and send a notice

to

the From feild of the smtp query, and a QUIT to the mailserver it was
connecting to.

I'd recomend doing this, its easy to do in freeBSD, all my borders are
 freeBSD so I havent tried it on anything else yet :)


Hrm.  Substitute Windows for freeBSD and this is the same flawed argument
that people claim MCSE's make.

Just because it's easy to do, doesn't mean some thought isn't required.

Maybe *nix admins are human after all.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: SoBig.F strange problem, (continued)
- Re: SoBig.F strange problem Joseph L. Hood (Aug 19)
- RE: SoBig.F strange problem Rainer Gerhards (Aug 19)
  - RE: SoBig.F strange problem Denis Dimick (Aug 19)
- RE: SoBig.F strange problem Boyer Kristy (Aug 19)
- RE: SoBig.F strange problem Risser, Nathan (BLM) (Aug 19)
- RE: SoBig.F strange problem Bassett, Mark (Aug 19)
  - RE: SoBig.F strange problem Nick FitzGerald (Aug 19)
- RE: SoBig.F strange problem Ferris, Robin (Aug 20)
- RE: SoBig.F strange problem Schmehl, Paul L (Aug 20)
- Re: SoBig.F strange problem Stephen Clowater (Aug 20)
  - Re: [fd] Re: SoBig.F strange problem Mike Vasquez (Aug 20)
  - Re: SoBig.F strange problem Nick FitzGerald (Aug 20)
- RE: SoBig.F strange problem Bassett, Mark (Aug 20)
- RE: SoBig.F strange problem Dowling, Gabrielle (Aug 20)