Re: [Full-Disclosure] Sobig has a surprise...

From: Jamie L Thompson (jlt_at_raytheon.com)
Date: 08/22/03

  • Next message: Parker, Jeff (MSE): "RE: [Full-Disclosure] Re: Google Private IP is 10.7.0.73 !!!!!!" 
    To: Florian Weimer <fw@deneb.enyo.de>
Date: Fri, 22 Aug 2003 16:17:05 -0400

    Sophos has the list of ips posted.

    http://www.sophos.com/virusinfo/articles/sobigiplist.html

    Jamie L Thompson
    IT Specialist
    781.860.2438
    781.860.2875 fax
    781.953.5263 cell
    jlt@raytheon.com

    Florian Weimer <fw@deneb.enyo.de>
    Sent by: full-disclosure-admin@lists.netsys.com
    08/22/2003 03:19 PM
     
            To: Steve Postma <spostma@travizon.com>
            cc: "'full-disclosure@lists.netsys.com'"
    <full-disclosure@lists.netsys.com>
            Subject: Re: [Full-Disclosure] Sobig has a surprise...

    Steve Postma <spostma@travizon.com> cites:

    > However, the Sobig.F worm has a surprise attack in its sleeve."

    From the web site:

    | "As soon as we were able to crack the encryption used by the worm to
    | hide the list of the 20 machines, we've been trying to close them
    | down", explains Mikko Hypponen.

    18 of 20 addresses where known to the AV community since Tuesday. I
    don't know what F-Secure is doing here.

    Why don't they publish the list of IP addresses so that people can put
    filters on their networks?

    *sigh*

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    picture
    picture
  • Next message: Parker, Jeff (MSE): "RE: [Full-Disclosure] Re: Google Private IP is 10.7.0.73 !!!!!!"

    Relevant Pages

    • Re: [Full-disclosure] Hack-Mail.net or similar site
      ... What do you think of web site like Hack-Mail.net or similar one? ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • [Full-Disclosure] Re: January 15 is Personal Firewall Day, help the cause
      ... That Web site is utterly disingenuous. ... how about high-value information that actually protects people: ... Full-Disclosure - We believe in it. ... Charter: http://lists.netsys.com/full-disclosure-charter.html ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Fortinet Advisory - Apple QuickTime Player StripOffsets Improper Memor
      ... which is available for downloading from Apples's web site under security update. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • [Full-disclosure] Hack-Mail.net or similar site
      ... What do you think of web site like Hack-Mail.net or similar one? ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • Re: [Full-disclosure] List of Fuzzers
      ... int authenticate(char* username, char* password) { ... that fuzzing has its limitations (that can be fixed and applied like ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
      (Full-Disclosure)
    Loading