Full Disclosure mailing list archives
RE: AV "feature" does more DDoS than Sobig
From: Ron DuFresne <dufresne () winternet com>
Date: Thu, 28 Aug 2003 13:55:11 -0500 (CDT)
On Thu, 28 Aug 2003, Richard M. Smith wrote:
Ron, >>> else, you become part of the perpetual >>> 'SPAM/viri-by-product" problem, wasting >>> and consuming bandwidth Actually, it's important to get these false AV warning messages shut off. One company that I contacted told me that they have already sent out hundreds of thousands of false warning messages about Sobig.F. They are now working to get this feature turned off. It looks like they are running some sort homebrew software and not a commercial package.
While I agree with you in concept and theory, I can tell you by implimentation and experience, they will persist from most sites for the duration. Much as most the hacked/compromised systems that are the core of the problem, will also persist to be issues and core parts of the problem for a long long time. Example, the number of systems still infested with nimda/code-red that hit my logs years now, after the fact. Some after more then one notice and/or call to folks that handle the systems but, remain clueless. There isn't a lart large enough to dispense enough clues to go around. Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: AV "feature" does more DDoS than Sobig, (continued)
- Re: AV "feature" does more DDoS than Sobig William Warren (Aug 28)
- Re: AV "feature" does more DDoS than Sobig William Warren (Aug 28)
- Re: AV "feature" does more DDoS than Sobig Vladimir Parkhaev (Aug 28)
- Re: AV "feature" does more DDoS than Sobig James Greenhalgh (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Steve Wray (Aug 28)
- Re: AV "feature" does more DDoS than Sobig Vladimir Parkhaev (Aug 28)
- Re: AV "feature" does more DDoS than Sobig 3APA3A (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Richard M. Smith (Aug 28)
- Re: AV "feature" does more DDoS than Sobig Marcos Machado (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Ron DuFresne (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Richard M. Smith (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Ron DuFresne (Aug 28)
- Re: AV "feature" does more DDoS than Sobig David Vasil (Aug 28)
- Re: AV "feature" does more DDoS than Sobig Darren Reed (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Rainer Gerhards (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Barrett, Rob (Aug 28)
- Re: AV "feature" does more DDoS than Sobig DStark (Aug 28)
- Re: AV "feature" does more DDoS than Sobig yossarian (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Steve Wray (Aug 28)
- Re: AV "feature" does more DDoS than Sobig William Warren (Aug 28)
- Re: AV "feature" does more DDoS than Sobig William Warren (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Steve Wray (Aug 28)