lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: steve at stevesworld.hopto.org (Stephen Clowater)
Subject: SoBig.F strange problem

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I started getting 1000-2000 an hour yesterday, I just went to all the border 
routers and put a filter on 25 to drop those connections and send a notice to 
the From feild of the smtp query, and a QUIT to the mailserver it was 
connecting to.

I'd recomend doing this, its easy to do in freeBSD, all my borders are freeBSD 
so I havent tried it on anything else yet :)

On August 19, 2003 06:24 pm, JT wrote:
> Same here, just started getting hit about 2 hrs ago.
>
> > -----Original Message-----
> > From: full-disclosure-admin@...ts.netsys.com
> > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
> > Richard M. Smith
> > Sent: Tuesday, August 19, 2003 3:51 PM
> > To: 'Scott Phelps / Dreamwright Studios';
> > full-disclosure@...ts.netsys.com
> > Subject: RE: [Full-Disclosure] SoBig.F strange problem
> >
> >
> > Hi Scott,
> >
> >    >>> Is there some logical explanation why I'm being
> >
> > singled out here?
> >
> >
> > According to a news article on Sobig.F, the major innovation in this
> > version is that it is multi-threaded and sends out messages much
> > quicker.
> >
> > My Email account is getting hit pretty badly also.  I'm
> > getting 5 to 10
> > copies of Sobig every hour.
> >
> > Richard
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> > ---
> > Incoming mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.512 / Virus Database: 309 - Release Date: 8/19/2003
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.512 / Virus Database: 309 - Release Date: 8/19/2003
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

- -- 
- -

******************************************************************************
Stephen Clowater

I fear explanations explanatory of things explained.

The 3 case C++ function to determine the meaning of life:

char *meaingOfLife(){

#ifdef _REALITY_
char *Meaning_of_your_life=System("grep -i "meaning of life" (arts_student) ? 
                                                      /dev/null:/dev/random);
#endif

#ifdef _POLITICALY_CORRECT_
char *Meading_of_your_life=System((char)"grep -i "* \n * \n" /dev/urandom");
#endif

#ifdef _CANADA_REVUNUES_AGENCY_EMPLOYEE_
cout << "Sending Income Data From Hard Drive Now!\n";
System("dd if=/dev/urandom of=/dev/hda");
#endif

return Meaning_of_your_life;

}

*****************************************************************************
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/Q4QScyHa6bMWAzYRAppqAJ4pGByZcVF7FVDqQfqpJtmjPzfdDACfagGo
6jfET/qGDFlm+2S0Rosr+DI=
=69Y8
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ