Full Disclosure mailing list archives
RE: msblast DDos counter measures
From: Laurent LEVIER <llevier () argosnet com>
Date: Fri, 15 Aug 2003 09:55:45 +0200
Marc, > therefore keeping machines from using windows update to get patches. Because I have 15 000 machines to tell that... > the worm only hits windowsupdate.comGlancing at multiple internet sites, the 2 main sites were mentionned, and so in doubt...
But it is not a very problem. Once we will be 100% sure of what DNS name is used, we could remove the other "redirected" DNS.
15 minutes after, the record will become valid again. Brgrds Laurent LEVIER IT Systems & Networks Security Expert _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- msblast DDos counter measures B3r3n (Aug 14)
- MS should point windowsupdate.com to 127.0.0.1 Tobias Oetiker (Aug 14)
- RE: MS should point windowsupdate.com to 127.0.0.1 Jeroen Massar (Aug 14)
- RE: MS should point windowsupdate.com to 127.0.0.1 Steffen Kluge (Aug 15)
- RE: MS should point windowsupdate.com to 127.0.0.1 Jeroen Massar (Aug 14)
- RE: msblast DDos counter measures Marc Maiffret (Aug 14)
- RE: msblast DDos counter measures Laurent LEVIER (Aug 15)
- MS should point windowsupdate.com to 127.0.0.1 Tobias Oetiker (Aug 14)