lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [<thread-prev] [month] [year] [list] 
From: b-nordquist at bethel.edu (Brent J. Nordquist)
Subject: Anybody know what Sobig.F has downloaded?

On Sat, 23 Aug 2003, Nick FitzGerald <nick@...us-l.demon.co.uk> wrote:

> it seems all the "contact list" machines were disconnected from the
> Internet about an hour before "come and get it" time.  One hopes this
> was done cluefully after certain important forensic evidence had been
> appropriately gathered, or at least was known to then be present on the
> machines and the machines were suitably secured for forensic analysis.

Has anyone heard anything more about that second stage; whether any of it 
was recovered, what it was supposed to be?  I can't find anyone talking 
about it; I thought this would be big news.

-- 
Brent J. Nordquist <b-nordquist@...hel.edu> N0BJN
Other contact information: http://kepler.acns.bethel.edu/~bjn/contact.html
* Fast pipe * Always on * Get out of the way - Tim Bray http://tinyurl.com/7sti

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux