Full Disclosure mailing list archives

Re: SoBig.F strange problem


From: felix.roennebeck () gaussvip com
Date: Wed, 20 Aug 2003 17:31:54 +0200

A lot of these From: headers are fake, so you are punishing innocent people who are victims themselves. If you want to do such a thing, you should instead contact the net-owner of the sending IP.

/Felix

Stephen Clowater wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I started getting 1000-2000 an hour yesterday, I just went to all the border routers and put a filter on 25 to drop those connections and send a notice to the From field of the SMTP query, and a QUIT to the mailserver it was connecting to.

I'd recommend doing this, it's easy to do in FreeBSD, all my borders are FreeBSD so I haven't tried it on anything else yet :)

On August 19, 2003 06:24 pm, JT wrote:
Same here, just started getting hit about 2 hrs ago.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of
Richard M. Smith
Sent: Tuesday, August 19, 2003 3:51 PM
To: 'Scott Phelps / Dreamwright Studios';
full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] SoBig.F strange problem


Hi Scott,

>>> Is there some logical explanation why I'm being singled out here?


According to a news article on Sobig.F, the major innovation in this
version is that it is multi-threaded and sends out messages much
quicker.

My Email account is getting hit pretty badly also.  I'm getting 5 to 10
copies of Sobig every hour.

Richard

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


- -- - -

******************************************************************************
Stephen Clowater

I fear explanations explanatory of things explained.

The 3 case C++ function to determine the meaning of life:

char *meaingOfLife(){

#ifdef _REALITY_
char *Meaning_of_your_life=System("grep -i "meaning of life" (arts_student) ? /dev/null:/dev/random);
#endif

#ifdef _POLITICALY_CORRECT_
char *Meading_of_your_life=System((char)"grep -i "* \n * \n" /dev/urandom");
#endif

#ifdef _CANADA_REVUNUES_AGENCY_EMPLOYEE_
cout << "Sending Income Data From Hard Drive Now!\n";
System("dd if=/dev/urandom of=/dev/hda");
#endif

return Meaning_of_your_life;

}

*****************************************************************************
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/Q4QScyHa6bMWAzYRAppqAJ4pGByZcVF7FVDqQfqpJtmjPzfdDACfagGo
6jfET/qGDFlm+2S0Rosr+DI=
=69Y8
-----END PGP SIGNATURE-----

--
Mit freundlichen Grüssen / with kind regards


Felix Roennebeck

Senior System Administrator

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

VIP Enterprise 8 | THE POWER OF CONTENT AT WORK
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Gauss Interprise AG    Phone: +49-40-3250-1590
Weidestr. 120a         Fax:   +49-40-3250-19-1590
D-22083 Hamburg        eMail: Felix.Roennebeck () gaussvip com
Germany                Web:   http://www.gaussvip.com

