| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.44.0309011506040.8389-100000@kepler.acns.bethel.edu> From: b-nordquist at bethel.edu (Brent J. Nordquist) Subject: Anybody know what Sobig.F has downloaded? On Sat, 23 Aug 2003, Nick FitzGerald <nick@...us-l.demon.co.uk> wrote: > it seems all the "contact list" machines were disconnected from the > Internet about an hour before "come and get it" time. One hopes this > was done cluefully after certain important forensic evidence had been > appropriately gathered, or at least was known to then be present on the > machines and the machines were suitably secured for forensic analysis. Has anyone heard anything more about that second stage; whether any of it was recovered, what it was supposed to be? I can't find anyone talking about it; I thought this would be big news. -- Brent J. Nordquist <b-nordquist@...hel.edu> N0BJN Other contact information: http://kepler.acns.bethel.edu/~bjn/contact.html * Fast pipe * Always on * Get out of the way - Tim Bray http://tinyurl.com/7sti
Powered by blists - more mailing lists