OK... Maybe I'm smoking crack here, but, if they have the list of 20 machines,
wouldn't it make more sense to replace them with honey-pots that download
code to remove SOBIG instead of just disabling them?
Let's use the virus against itself. At this point, I think that's a legitimate
countermeasure.
Owen
--On Friday, August 22, 2003 11:01 AM -0700 Jim Dawson <[EMAIL PROTECTED]> wrote:
F-Secure Corporation is warning about a new level of attack to be unleashed by the Sobig.F worm today. Supposed to take place at 1900 UTC.
http://www.f-secure.com/news/items/news_2003082200.shtml
Jim --
See what ISP-Planet is saying about us! http://isp-planet.com/services/wholesalers/flexpop.html __________________________________________________________________ Jim Dawson [EMAIL PROTECTED] Flexpop/Navi.Net http://www.flexpop.net 618 NW Glisan St. Ste. 101 v. +1.503.517.8866 Portland, Or 97209 USA f. +1.503.517.8868 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~