On Fri, 30 Mar 2007 19:44:23 -0700 Jeff Shultz <[EMAIL PROTECTED]> wrote:
> > So, is there a list of domains that we could null-route if we could > convince our DNS managers to set us up as the SOA for those domains > on our local DNS servers - thus protecting our own customers somewhat? > > I won't discount the assertion that there is some sort of emergency > occurring. I would however, like to see a bit of a reference to where > we can learn more about what is going on (I assume this is the > javascript exploit I heard about a couple days ago). > No -- it's a 0day in Internet Explorer involving animated cursors -- and it can be spread by visiting an infected web site or even by email. See http://blogs.zdnet.com/security/?p=141&tag=nl.e622 http://www.avertlabs.com/research/blog/?p=230 http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FANICMOO%2EAX&VSect=T or see lots of news stories about it at http://news.google.com/?ned=us&ncl=1114901719&hl=en --Steve Bellovin, http://www.cs.columbia.edu/~smb