nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Sobig.f surprise attack today

From: Owen DeLong <owen () delong com>
Date: Fri, 22 Aug 2003 11:27:52 -0700
OK... Maybe I'm smoking crack here, but, if they have the list of 20 machines, 
wouldn't it make more sense to replace them with honey-pots that download
code to remove SOBIG instead of just disabling them?
Let's use the virus against itself. At this point, I think that's a legitimate 
countermeasure.

Owen
--On Friday, August 22, 2003 11:01 AM -0700 Jim Dawson <jdawson () navi net> wrote: 



F-Secure Corporation is warning about a new level of attack to be
unleashed by the Sobig.F worm today. Supposed to take place at 1900 UTC.

http://www.f-secure.com/news/items/news_2003082200.shtml

Jim
--

See what ISP-Planet is saying about us!
http://isp-planet.com/services/wholesalers/flexpop.html
  __________________________________________________________________
  Jim Dawson                                     jdawson () flexpop net
  Flexpop/Navi.Net                            http://www.flexpop.net
  618 NW Glisan St. Ste. 101                      v. +1.503.517.8866
  Portland, Or  97209 USA                         f. +1.503.517.8868
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Previous By Date Next
Previous By Thread Next

Current thread: