[ale] news: sobig.f -- anything yet??

[J.M. Taylor]

>From F-Secure:
------
Update on 19:00 UTC

When deadline for the attack was passed, one machine was still (somewhat)
up. However, immediatly after the deadline, this machine (located in the
USA) was totally swamped under network traffic.

We've tried connecting to it, just like the virus does. We do this from
three different sensors from three different machines in three different
countries. We haven't been able to connect to it once. If we can't
connect, neither can the viruses.

So the attack failed. Whoa.

We'll keep monitoring until 22:00 UTC. If we're not able to connect once,
we can safely say that the attack was prevented.
------

I so don't believe that something this sophisticated just...fizzled
quietly away. But...I certainly hope it did!  I'm a bit puzzled by only 20
machines that were supposed to act as servers...from the major
aggressiveness of this thing, you'd think that the best that could happen
with zillions of infected PCs trying to hit 20 machines at once would be
just a kind of lame ddos.

jenn



Nathan J. Underwood said:
> Nothing yet, bugfixer and I were just discussing it on IRC.  Kinda
> scary.
>
> Quoting "J.M. Taylor" <jtaylor at onlinea.com>:
>
>> Nothing on the news, nothing on F-Secure...it's distressingly quiet
>> with potentially one 'master server' left running to deliver whatever
>> it is that sobig wants...
>>
>> Anybody heard/seen anything?  I can't believe we're lucky enough for
>> it to have crapped out at this stage...
>>
>> jenn
>>
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://www.ale.org/mailman/listinfo/ale
>>
>
>
> --
> Nathan J. Underwood
> nathan at cybertechcafe.net
> http://www.cybertechcafe.net
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale



_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale