Create an Account
username: password:
 
  MemeStreams Logo

RE: New Phase of Sobig.F Set for 3 p.m. EST Friday 8/22/2003

search

Elonka
Picture of Elonka
Elonka's Pics
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Elonka's topics
Arts
  Sci-Fi/Fantasy Literature
  Movies
   Movie Genres
    Sci-Fi/Fantasy Films
  Folk
  TV Game Shows
  SciFi TV
Business
Games
  Role Playing Games
  Trading Card Games
  Video Games
   PC Video Games
   Console Video Games
   Multiplayer Online Games
Health and Wellness
Home and Garden
  Genealogy
Miscellaneous
  Humor
  MemeStreams
   Using MemeStreams
Current Events
  War on Terrorism
  Elections
Recreation
  Travel
   Asian Travel
   North American Travel
Local Information
  Missouri
   St. Louis
    St. Louis Events
Science
  Astronomy
  Biology
  History
  Medicine
Society
  Futurism
  History
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
    Surveillance
  Media
   Blogging
  Philosophy
  Relationships
  Religion
Sports
Technology
  Computers
   Computer Security
    Cryptography
   Cyber-Culture
   Human Computer Interaction
   Web Design
  High Tech Developments

support us

Get MemeStreams Stuff!


 
RE: New Phase of Sobig.F Set for 3 p.m. EST Friday 8/22/2003
Topic: Computer Security 12:24 am EDT, Aug 25, 2003

Elonka wrote:
] More info about the fastest-spreading worm of all time, which
] enters a new phase today, trying to download unknown code to
] 20 specific home computers:

Turns out they may have failed here. From a post on Interesting People:

"All the experts were totally faked out. While everyone was concentrating
on getting the "magic 20" machines shut down, no one realized that
different copies of Sobig.f had different lists of servers to contact.

We put a block of udp port 8998 on our firewall this morning. We had 3
previously undetected infected machines on our network, each of which
tried to contact a different list of 20 machines. One of the lists
corresponds to the one that Sophos and others have published. The other
two lists have no addresses in common with the published list, or with
each other.

I wonder how many different sets of servers there were, how many
different variants of Sobig.f there were, and how many infected machines
now have some additional trojan, worm, or ddos code waiting for a
command to do something."

RE: New Phase of Sobig.F Set for 3 p.m. EST Friday 8/22/2003



 
 
Powered By Industrial Memetics
RSS2.0