nanog mailing list archives
Re: Sobig.f surprise attack today
From: Dan Hollis <goemon () anime net>
Date: Thu, 28 Aug 2003 12:54:54 -0700 (PDT)
On Thu, 28 Aug 2003, Owen DeLong wrote:
Alternatively, perhaps we could, instead, publish an INFECTED SYSTEMS blacklist based on such connections to a honeypot. Any system which made the correct request could then have it's address published via BGP or DNS for ISPs and the like to do as they wish.
an infected host dnsrbl doesnt sound like a bad idea... -Dan -- [-] Omae no subete no kichi wa ore no mono da. [-]
Current thread:
- RE: Sobig.f surprise attack today, (continued)
- RE: Sobig.f surprise attack today Stephen J. Wilcox (Aug 22)
- Re: Sobig.f surprise attack today Andrew Kerr (Aug 22)
- Re: Sobig.f surprise attack today Jay Hennigan (Aug 22)
- Re: Sobig.f surprise attack today Andrew Kerr (Aug 22)
- Re: Sobig.f surprise attack today Petri Helenius (Aug 22)
- Re: Sobig.f surprise attack today Jay Hennigan (Aug 22)
- Message not available
- Re: Sobig.f surprise attack today Owen DeLong (Aug 22)
- Re: Sobig.f surprise attack today Doug Barton (Aug 22)
- Re: Sobig.f surprise attack today Owen DeLong (Aug 28)
- Re: Sobig.f surprise attack today Dan Hollis (Aug 28)
- Re: Sobig.f surprise attack today Mike Tancsa (Aug 28)
- Re: Sobig.f surprise attack today Petri Helenius (Aug 28)
- Re: Sobig.f surprise attack today Mike Tancsa (Aug 28)
- Re: Sobig.f surprise attack today Patrick Muldoon (Aug 28)
- Re: Sobig.f surprise attack today Damian Gerow (Aug 28)
- Re: Sobig.f surprise attack today Petri Helenius (Aug 28)
- Re: Sobig.f surprise attack today Mike Tancsa (Aug 28)
- Re: Sobig.f surprise attack today steve uurtamo (Aug 22)