| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200308201126.06953.steve@stevesworld.hopto.org>
From: steve at stevesworld.hopto.org (Stephen Clowater)
Subject: SoBig.F strange problem
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I started getting 1000-2000 an hour yesterday, I just went to all the border
routers and put a filter on 25 to drop those connections and send a notice to
the From feild of the smtp query, and a QUIT to the mailserver it was
connecting to.
I'd recomend doing this, its easy to do in freeBSD, all my borders are
freeBSD so I havent tried it on anything else yet :)
On August 19, 2003 06:24 pm, JT wrote:
> Same here, just started getting hit about 2 hrs ago.
>
> > -----Original Message-----
> > From: full-disclosure-admin@...ts.netsys.com
> > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
> > Richard M. Smith
> > Sent: Tuesday, August 19, 2003 3:51 PM
> > To: 'Scott Phelps / Dreamwright Studios';
> > full-disclosure@...ts.netsys.com
> > Subject: RE: [Full-Disclosure] SoBig.F strange problem
> >
> >
> > Hi Scott,
> >
> > >>> Is there some logical explanation why I'm being
> >
> > singled out here?
> >
> >
> > According to a news article on Sobig.F, the major innovation in this
> > version is that it is multi-threaded and sends out messages much
> > quicker.
> >
> > My Email account is getting hit pretty badly also. I'm
> > getting 5 to 10
> > copies of Sobig every hour.
> >
> > Richard
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> > ---
> > Incoming mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.512 / Virus Database: 309 - Release Date: 8/19/2003
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.512 / Virus Database: 309 - Release Date: 8/19/2003
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
- - --
- - -
*****************************************************************************
* Stephen Clowater
I fear explanations explanatory of things explained.
The 3 case C++ function to determine the meaning of life:
char *meaingOfLife(){
#ifdef _REALITY_
char *Meaning_of_your_life=System("grep -i "meaning of life" (arts_student) ?
/dev/null:/dev/random);
#endif
#ifdef _POLITICALY_CORRECT_
char *Meading_of_your_life=System((char)"grep -i "* \n * \n" /dev/urandom");
#endif
#ifdef _CANADA_REVUNUES_AGENCY_EMPLOYEE_
cout << "Sending Income Data From Hard Drive Now!\n";
System("dd if=/dev/urandom of=/dev/hda");
#endif
return Meaning_of_your_life;
}
*****************************************************************************
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/Q4QScyHa6bMWAzYRAppqAJ4pGByZcVF7FVDqQfqpJtmjPzfdDACfagGo
6jfET/qGDFlm+2S0Rosr+DI=
=69Y8
- -----END PGP SIGNATURE-----
- -------------------------------------------------------
- --
- -
******************************************************************************
Stephen Clowater
BOFH Excuse #320:
You've been infected by the Telescoping Hubble virus.
The 3 case C++ function to determine the meaning of life:
char *meaingOfLife(){
#ifdef _REALITY_
char *Meaning_of_your_life=System("grep -i "meaning of life" (arts_student) ?
/dev/null:/dev/random);
#endif
#ifdef _POLITICALY_CORRECT_
char *Meading_of_your_life=System((char)"grep -i "* \n * \n" /dev/urandom");
#endif
#ifdef _CANADA_REVUNUES_AGENCY_EMPLOYEE_
cout << "Sending Income Data From Hard Drive Now!\n";
System("dd if=/dev/urandom of=/dev/hda");
#endif
return Meaning_of_your_life;
}
*****************************************************************************
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/Q4T9cyHa6bMWAzYRAryrAJ9n7bXHMiqolxRqw6fGtj/xyeGR0ACgkUsp
QZdsr3bc74UO2VxriUvxN3g=
=S0vk
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists