Sophos has the list of ips posted.
http://www.sophos.com/virusinfo/articles/sobigiplist.html
| |
| Jamie L Thompson IT Specialist 781.860.2438 781.860.2875 fax 781.953.5263 cell [EMAIL PROTECTED] |
| Florian Weimer <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 08/22/2003 03:19 PM |
To: Steve Postma <[EMAIL PROTECTED]> cc: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> Subject: Re: [Full-Disclosure] Sobig has a surprise... |
Steve Postma <[EMAIL PROTECTED]> cites:
> However, the Sobig.F worm has a surprise attack in its sleeve."
>From the web site:
| "As soon as we were able to crack the encryption used by the worm to
| hide the list of the 20 machines, we've been trying to close them
| down", explains Mikko Hypponen.
18 of 20 addresses where known to the AV community since Tuesday. I
don't know what F-Secure is doing here.
Why don't they publish the list of IP addresses so that people can put
filters on their networks?
*sigh*
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
