RE: document_all.pif

From: Alon Tirosh (atirosh_at_interactiveedge.com)
Date: 08/19/03

  • Next message: Fernando Cardoso: "RE: what is this?"
    To: "'Jonathan A. Zdziarski'" <jonathan@nuclearelephant.com>, <incidents@securityfocus.com>
    Date: Tue, 19 Aug 2003 13:32:46 -0400
    
    

    Sobig.f/w32.sobig.f@mm/
    http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SOBIG.F
    http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html
    http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100561

    Standard Sobig Worm, with a termination of 10SEPT. Wants to download files
    and execute, connects to NTP servers to check time, all that fun stuff. See
    above for descriptions.

    -----Original Message-----
    From: Jonathan A. Zdziarski [mailto:jonathan@nuclearelephant.com]
    Sent: Tuesday, August 19, 2003 10:28 AM
    To: incidents@securityfocus.com
    Subject: document_all.pif

    What's up with the 20-someodd messages I've received today with
    document_all.pif ? Is this some new phase of the windows worm or a new
    virus spreading around ?

    ---------------------------------------------------------------------------
    Captus Networks - Integrated Intrusion Prevention and Traffic Shaping
     - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
     - Automatically Control P2P, IM and Spam Traffic
     - Ensure Reliable Performance of Mission Critical Applications
     - Precisely Define and Implement Network Security and Performance Policies
    **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
    Visit us at:
    http://www.securityfocus.com/sponsor/CaptusNetworks_incidents_030814
    ----------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    Captus Networks - Integrated Intrusion Prevention and Traffic Shaping
     - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
     - Automatically Control P2P, IM and Spam Traffic
     - Ensure Reliable Performance of Mission Critical Applications
     - Precisely Define and Implement Network Security and Performance Policies
    **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
    Visit us at:
    http://www.securityfocus.com/sponsor/CaptusNetworks_incidents_030814
    ----------------------------------------------------------------------------


  • Next message: Fernando Cardoso: "RE: what is this?"

    Relevant Pages

    • Re: Increasing ICMP Echo Requests
      ... In the company I'm working for, we also have noticed a increasing number of ICPM request. ... > Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... > - Ensure Reliable Performance of Mission Critical Applications ...
      (Incidents)
    • Re: Increasing ICMP Echo Requests
      ... We are looking into filtering ICMP echo ... >Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... > - Ensure Reliable Performance of Mission Critical Applications ...
      (Incidents)
    • RE: DCOM worm with get.bat bot.rar
      ... DCOM worm with get.bat bot.rar ... > Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... > - Ensure Reliable Performance of Mission Critical Applications ...
      (Incidents)
    • RE: Microsoft extinguishes windowsupdate.com
      ... Subject: Microsoft 'extinguishes' windowsupdate.com ... Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... - Ensure Reliable Performance of Mission Critical Applications ...
      (Incidents)
    • Re: lots of sobig virus emails.
      ... they shouldn't be sending mail to the ... Captus Networks - Integrated Intrusion Prevention and Traffic Shaping ... Ensure Reliable Performance of Mission Critical Applications ...
      (Incidents)