lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3F44B80C.16881.78F6CCD2@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: SoBig.F strange problem

Stephen Clowater <steve@...vesworld.hopto.org> joined the "Clueless in 
Seattle" brigade with:

> I started getting 1000-2000 an hour yesterday, I just went to all the border
> routers and put a filter on 25 to drop those connections and send a notice to
> the From feild of the smtp query, and a QUIT to the mailserver it was
> connecting to.

This virus, like nearly every vaguely "successful" self-mailing virus 
for the last two or more years forges the From: header _and_ the SMTP 
envelope From:.  Your "solution" is only adding to the problem by 
increasing the unnecessary bandwidth needlessly used by this virus 
_and_ confusing the hell out of a lot of perfectly innocent bystanders 
you have now accused of being virus-infected.

> I'd recomend doing this, its easy to do in freeBSD, all my borders are
>  freeBSD so I havent tried it on anything else yet :)

I'd recommend you pull your head out of your BSD (Big, Smelly, Dumb) 
arse, pick up the clue-stick and beat yourself senseless with it.  When 
you come round, have your colleagues repeat the procedure on you.

Sheeesh...

Unix bigot "experts" -- it's a good thing for you Unix is not the 
preferred OS on the Internet or yesterday's thread about clueless MCSEs 
would have been about you and your buddy clueless UCSEs...


-- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ