Interesting People mailing list archives
AP story on Msoft blocking Mydoom.B
From: Dave Farber <dave () farber net>
Date: Wed, 04 Feb 2004 09:36:53 -0400
-----Original Message----- From: "Charles Arthur, The Independent" <carthur () independent co uk> Date: Wed, 04 Feb 2004 12:45:48 To:dave () farber net Cc:mary.shaw () cs cmu edu Subject: Re: [IP] AP story on Msoft blocking Mydoom.B Hi ... At 7:32 am -0500 on 4/2/04, you wrote:
Here's the AP story on Microsoft resisting the Mydoom.B virus attack. The sentence, "Microsoft did say that computers infected with the virus would not be able to access Microsoft's Web site." is particularly interesting. How do you suppose they detect infection in order to block access?
(1) set up list of IP addresses sending pings to MSoft in manner of MyDoom-infected PC: add those to your server's "deny" list. That's it. For dynamically-assigned addresses, have the blocklist in (1) drop an IP address after no pings received for eg 2hrs. Should be perhaps 30 minutes' work (tops) for any decent programmer. I hear MS has some to spare. best Charles -- ------------------------------------------------------------------- The Independent newspaper on the Web: http://www.independent.co.uk/ It's even better on paper ________________________________________________________________________ This email has been scanned for all viruses by the MessageLabs Email Security System. For more information on a proactive email security service working around the clock, around the globe, visit http://www.messagelabs.com ________________________________________________________________________ ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- AP story on Msoft blocking Mydoom.B Dave Farber (Feb 04)
- <Possible follow-ups>
- AP story on Msoft blocking Mydoom.B Dave Farber (Feb 04)