Here is some more interesting information. I'm not positive this is
Sober.Z related but it's walking like and talking like a duck.
First I see the below DNS requests, shortly after I see many SMTP
packets hitting Hotmail, AOL, Yahoo.com, Yahoo.co.uk, Progegy, etc
Looks like it's... Sendi
FYI: I've set some traps on our DNS servers, dunno exactally what this
means but I thought that I should share:
Jan 5 18:41:09 myServer named[24490]: client X.X.X.X#1192: query:
arcor.de IN MX
Jan 5 18:45:48 myServer named[24490]: client X.X.X.X#1034: query:
freenet.de IN MX
These are th
Subject: Awful quiet? Date: Wed, Dec 21, 2005 at 12:09:23AM -0800 Quoting Jim
Popovitch ([EMAIL PROTECTED]):
>
> I miss the endless debates. Is *everyone* Christmas shopping?
>
> Here's a thought to ponder
>
> With the thousands of datacenters that exist with IPv4 cores, what will it
> t
Elijah Savage wrote:
Sean Donelan wrote:
So, maybe an operational question.
What are people seeing as far as network traffic loads due to WMF
patching
activity, e.g. auto-update and manual downloads? Microsoft has used
several CDNs in addition to its own servers to distribute the load
in
Sean Donelan wrote:
So, maybe an operational question.
What are people seeing as far as network traffic loads due to WMF patching
activity, e.g. auto-update and manual downloads? Microsoft has used
several CDNs in addition to its own servers to distribute the load
in the past.
WSUS servers a
Sean Donelan wrote:
So, maybe an operational question.
What are people seeing as far as network traffic loads due to WMF patching
activity, e.g. auto-update and manual downloads? Microsoft has used
several CDNs in addition to its own servers to distribute the load
in the past.
Most organiza
So, maybe an operational question.
What are people seeing as far as network traffic loads due to WMF patching
activity, e.g. auto-update and manual downloads? Microsoft has used
several CDNs in addition to its own servers to distribute the load
in the past.
>
>
>
> On Thu, 5 Jan 2006, Church, Chuck wrote:
>
> > So rather than finish the testing they wanted to do, they rushed it out?
> > Hmmm. Sounds a little scary to me
>
> Scarier then the architectural decisions they made that led to having
> to release this patch?
Scarier than using p
[EMAIL PROTECTED] wrote:
> So rather than finish the testing they wanted to do, they rushed it
> out? Hmmm. Sounds a little scary to me
The way the SANS folks have been going into hysterics over the
vulnerability I'd say there was considerable pressure to get it out the
door as soon as hum
On Thu, 5 Jan 2006, Church, Chuck wrote:
So rather than finish the testing they wanted to do, they rushed it out?
Hmmm. Sounds a little scary to me
Scarier then the architectural decisions they made that led to having
to release this patch?
--
William Leibzon
Elan Networks
[EMAIL PROT
So rather than finish the testing they wanted to do, they rushed it out?
Hmmm. Sounds a little scary to me
Chuck
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Jerry Dixon
Sent: Thursday, January 05, 2006 3:37 PM
To: [EMAIL PROTECTED]
Jerry Dixon wrote:
FYI all, the Microsoft Official patch is out for WMF and available via Windows
Update.
I took this from the funsec list:
Larry Seltzer-
http://www.microsoft.com/technet/security/bulletin/advance.mspx
"Microsoft originally planned to release the update on Tuesday, January 1
FYI all, the Microsoft Official patch is out for WMF and available via Windows Update.Cheers,Jerry
I'm sutting PCs down and going on vacation for a while. Seriously. :-)
TIA to those of you working to protect your customers and therefore other
systems as well.
-Jim P.
- Original Message
From: Wil Schultz <[EMAIL PROTECTED]>
To: nanog@merit.edu
Sent: Thursday, January 05, 2006 1:53
Wil Schultz wrote:
Wouldn't it be fun if it contained the WMF exploit in some form?
So, I'm planning on using swatch to monitor DNS requests for the known
affected domains. What is everyone else planning to do?
-Wil
All the popular domains known we have puched out a global rule to our
cust
Wouldn't it be fun if it contained the WMF exploit in some form?
So, I'm planning on using swatch to monitor DNS requests for the known
affected domains. What is everyone else planning to do?
-Wil
At 12:54 PM 1/5/2006, you wrote:
Thanks Thomas, something really useful. One thing I am still curious
about, I read that there were other image formats can be used in an
exploit, GIF, .BMP, .JPG, .TIF can also be used, according to
F-Secure. I find this a little confusing, if that dll only de
That's sort of a loaded question. Some provider's offerings are good
for different reasons/have different strengths. Your best fit would
depend on your individual needs.
How many sites will you have, and what is your access method and speed
preference?
Do you need granular QoS from CPE to C
At 01:40 AM 1/5/2006, Thomas Kuehling wrote:
Hi Eric
Am Mittwoch, den 04.01.2006, 08:14 -0800 schrieb Eric Frazier:
> Hi,
>
> I finally decided this was serious enough to do something about it sooner
> than the MS patch, but while this seems to be the official link to the
SANS
> patch http://
We're looking at purchasing MPLS services for locations nationwide. Does
anyone have personal experiences they'd care to share about providers...the
good, the bad, the ugly?
I'm not looking for public bashing, just data to differentiate one from
another. Any comments or direction appreciated.
On Wed, 4 Jan 2006, Fred Heutte wrote:
My observation had more to do with the posturing of the "security"
vendors (anti-virus, firewall, IDS, etc.) and the broad range of
highly important experts who are all clamoring for attention on
this and on all the other everyday security issues out ther
"securiTeam Blogs" posted an interview with Ilfak, the WMF patch author.
He explains what it does, and why:
http://blogs.securiteam.com/index.php/archives/176
Just in case some of you don't follow security sources or need another
affirmation -
I know Ilfak and he is trusted. He is a Good Gu
Indeed. It's the security equivalent of "the market can stay irrational
longer than you can stay solvent" - perhaps we could reformulate that
as "the users can remain clueless longer than your business can survive
the DDOS"On 1/5/06, Stephane Bortzmeyer <[EMAIL PROTECTED]> wrote:
On Wed, Jan 04, 20
On Wed, Jan 04, 2006 at 05:58:16PM -0500,
[EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote
a message of 46 lines which said:
> How many times do you propose we FTDT before we get fed up and ask
> upper management to authorize a migration to some other software
> with a better record? And how many m
24 matches
Mail list logo
