OK... Maybe I'm smoking crack here, but, if they have the list of 20 machines, wouldn't it make more sense to replace them with honey-pots that download code to remove SOBIG instead of just disabling them? Let's use the virus against itself. At this point, I think that's a legitimate countermeasure. Owen --On Friday, August 22, 2003 11:01 AM -0700 Jim Dawson <jdawson@navi.net> wrote:
F-Secure Corporation is warning about a new level of attack to be unleashed by the Sobig.F worm today. Supposed to take place at 1900 UTC.
http://www.f-secure.com/news/items/news_2003082200.shtml
Jim --
See what ISP-Planet is saying about us! http://isp-planet.com/services/wholesalers/flexpop.html __________________________________________________________________ Jim Dawson jdawson@flexpop.net Flexpop/Navi.Net http://www.flexpop.net 618 NW Glisan St. Ste. 101 v. +1.503.517.8866 Portland, Or 97209 USA f. +1.503.517.8868 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~