Here is a snipet of some on going email I'm having with a LAN
administrator at a university hospital. I forwarded a copy of the
Declude virus catch, to show them the IP #'s of the machine that sent
the Sobig virus. I can't get it through his head that the headers
are forged, and irrevelant.
My
At 11:45 AM 8/23/2003 -0500, you wrote:
> THIS IS AN INCREDIBLE GROUP !
> DECLUDE IS AN INCREDIBLE PRODUCT !!!
> KUDUS to you Scott.
> Grateful THANKS to all the members who contributed yesterday !
Agreed! My users were protected even before receiving the updated DAT's due
to banning
> THIS IS AN INCREDIBLE GROUP !
> DECLUDE IS AN INCREDIBLE PRODUCT !!!
> KUDUS to you Scott.
> Grateful THANKS to all the members who contributed yesterday !
Agreed! My users were protected even before receiving the updated DAT's due
to banning the .pif's.
> Blocking the port kept a
here is sobig outbound traffic we stopped at our gateway
80 deny ip any host 67.73.21.6 log (3 matches)
90 deny ip any host 68.38.159.161 log (3 matches)
100 deny ip any host 67.9.241.67 log (3 matches)
110 deny ip any host 66.131.207.81 log (3 matches)
120 deny ip any host 65.
Wow.. That's great..
What port was the machine trying to use? And what IP was the machine trying
to contact?
Just curious..
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Doug McKee
Sent: Saturday, August 23, 2003 10:27 AM
To: [EMAIL PROTECTED]
Subj
THIS IS AN INCREDIBLE GROUP !
DECLUDE IS AN INCREDIBLE PRODUCT !!!
KUDUS to you Scott.
Grateful THANKS to all the members who contributed yesterday !
I usually delete about 2500-3000 files from the virus folder every
morning.
The load in the last 24 hours was a few over 20,000.
The