[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3F44B80C.16881.78F6CCD2@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: SoBig.F strange problem
Stephen Clowater <steve@...vesworld.hopto.org> joined the "Clueless in
Seattle" brigade with:
> I started getting 1000-2000 an hour yesterday, I just went to all the border
> routers and put a filter on 25 to drop those connections and send a notice to
> the From feild of the smtp query, and a QUIT to the mailserver it was
> connecting to.
This virus, like nearly every vaguely "successful" self-mailing virus
for the last two or more years forges the From: header _and_ the SMTP
envelope From:. Your "solution" is only adding to the problem by
increasing the unnecessary bandwidth needlessly used by this virus
_and_ confusing the hell out of a lot of perfectly innocent bystanders
you have now accused of being virus-infected.
> I'd recomend doing this, its easy to do in freeBSD, all my borders are
> freeBSD so I havent tried it on anything else yet :)
I'd recommend you pull your head out of your BSD (Big, Smelly, Dumb)
arse, pick up the clue-stick and beat yourself senseless with it. When
you come round, have your colleagues repeat the procedure on you.
Sheeesh...
Unix bigot "experts" -- it's a good thing for you Unix is not the
preferred OS on the Internet or yesterday's thread about clueless MCSEs
would have been about you and your buddy clueless UCSEs...
--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
Powered by blists - more mailing lists