On Tue, 27 May 2008 12:50:38 EDT, Stack Smasher said:
If you see me laughing, you better have backups
Even funnier if the contractor is the one tasked with doing backups. :)
pgp6kzamRhjnO.pgp
Description: PGP signature
___
Full-Disclosure - We
On Tue, May 27, 2008 16:46, Simon Smith wrote:
Does anyone here have a contact for Ford Motors IT Department,
Specifically for abuse?
--
Europe, or US? And in relation to their online activities or other?
When I was on my placement year, I did all of Ford Europe's website and I
was
Is this in response to a vulnerability to report, or in response to some
other form of abuse, like spam?
-Nate
On 5/27/08, Gary Wilson [EMAIL PROTECTED] wrote:
On Tue, May 27, 2008 16:46, Simon Smith wrote:
Does anyone here have a contact for Ford Motors IT Department,
Specifically for
In response to them still being infected with sql slammer and it probing
my networks regularly.
Nate McFeters wrote:
Is this in response to a vulnerability to report, or in response to some
other form of abuse, like spam?
-Nate
On 5/27/08, *Gary Wilson* [EMAIL PROTECTED]
Simon Smith wrote:
In response to them still being infected with sql slammer and it probing
my networks regularly.
Ah, them and a gazillion of others.
I ran a little experiment some time ago.
I had an unused ipadress (bog standard dynamic home issue cable feed) and just
for fun I installed
In response to them still being infected with sql slammer and it probing
my networks regularly.
Let me guess .. it's 136.1.7.55 ?
Here's what I get (from ford) every time that IP pops up in our
automated abuse report ..
--snip--
Our investigation into this matter has determined that
When that stuff first showed up last year I emailed their ARIN contact and got
a real person. They got back to me within a day and said the same thing. SQL
Slammer is a single packet UDP attack so their response is 100% plausible.
Ray
In response to them still being infected with sql
Indeed, that is the IP address.
That IP address appears to be bound to some sort of a VPN system for
ford. Perhaps its infected VPN users?
Michael Holstein wrote:
In response to them still being infected with sql slammer and it
probing my networks regularly.
Let me guess ..
On Tue, 27 May 2008, Anders B Jansson wrote:
Limiting the continued propagation of sql-slammer is both a worthy and
commendable deed.
But I'm afraid that it's totally futile.
How so? Code Red II and Nimda appear to have disappeared, albeit after many
years.
I suspect that somebody let