(Moderator Note) Re: Anyome else seeing a rise in Mydoom Viruses over email?

From: Dan Hanson (dhanson_at_securityfocus.com)
Date: 01/27/04

  • Next message: Henrique Cabral: "Fw: Anyome else seeing a rise in Mydoom Viruses over email?"
    Date: Tue, 27 Jan 2004 10:58:16 -0700 (MST)
    To: incidents@securityfocus.com
    
    

    Ok, after sorting through about 30 messages that all point out that AV
    vendors have signatures for the virus, I am rejecting all of them.

    In summary: There is a fast spreading worm, write-ups are available at
    your preferred AV site, and I would prefer that discussion about this, on
    this list, should confine itself to the resulting implications of the worm
    (proxies, etc), rather than stopping it at the SMTP gateway or cleaning it
    from systems.

    D

    On Tue, 27 Jan 2004, Nigel Frankcom wrote:

    > Hi All,
    >
    > Over the last 2 hours our mail servers have seen a dramatic rise in
    > Mydoom virus emails.
    >
    > So far neither Panda nor McAfee are detecting it - tho the following
    > Content Filter is working for us:
    >
    > *C_o_n_tent-Transfer-Encoding: 7bit* (remove _'s)
    >
    > Subject seems to morph as each new wave is released.
    >
    > Most connections *seem* to be from private machines.
    >
    > Numbers are rising.
    >
    > Regards
    >
    > Nigel
    >
    >
    >

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------


  • Next message: Henrique Cabral: "Fw: Anyome else seeing a rise in Mydoom Viruses over email?"