Re: [Full-Disclosure] Anybody know what Sobig.F has downloaded?

From: Dan Stromberg (strombrgat_private)
Date: Fri Aug 22 2003 - 15:13:05 PDT


    What if someone cranks a clock forward and sees what the program does?
    
    Not having any Windows systems at all, I'm in a poor position to try
    this.  :)
    
    On Fri, 2003-08-22 at 13:33, Compton, Rich wrote:
    > As many of you know, the latest Sobig.F virus was scheduled to begin
    > downloading unknown code from various IPs at 3:00 EST today on UDP port
    > 8998.  Does anybody have any idea what this code is?  Are the infected boxes
    > actually downloading code?  Does anybody have an infected Windoze box with
    > Sobig that can see what code was downloaded?
    > 
    > Here's a link to some info at Sophos in case you are unfamiliar with this.  
    > 
    > http://www.sophos.com/virusinfo/articles/sobigextra.html
    > 
    > Looking at the infection rates of this virus, I'd say that it's pretty
    > important that we find out what this code is and what it does ASAP!
    > 
    > Thanks,
    > Rich Compton 
    > 
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html
    -- 
    Dan Stromberg DCS/NACS/UCI <strombrgat_private>
    
    
    
    



