[Dshield] MyDoom/NoVarg DoS details

Doug White doug at clickdoug.com
Wed Jan 28 13:07:57 GMT 2004


SCO Offers $250,000 Reward For Arrest Of Mydoom Worm Author

The company, now embroiled in legal action over intellectual property rights
related to its version of Unix, is offering up to $250,000 for information
leading to the arrest of those responsible for creating the Mydoom virus.

http://www.computerworld.com/newsletter/0,4902,89470,00.html?nlid=PM



======================================
Stop spam on your domain, Anti-spam solutions
http://www.clickdoug.com/mailfilter.cfm
For hosting solutions http://www.clickdoug.com
======================================
Aspire to Inspire before you Retire or Expire!


: Johannes,
:
: I will take a serious look at those IPs tomorrow.
:
: Is anyone doing packet capture on these...possible attempted exploits?
: (I have my minions at work taking a look at this)
:
: Interesting you should mention those 444/135 scans.
: Check out the dates of those target spikes.  The plot thickens.
:
: Portscans on the whole range (3127-3192) are booming compared to "normal"
traffic, even on the noisy ports.  I think it's a safe bet that the author is
hunting for compromised boxes.
: On the "quiet" ports I see the same pattern...significant spikes within the
past 30 days or so, then quiet again, and picking up now.  I wonder if there's
anything to that.
:
: My antennae are fairly quivering with this one.
:
: Regards,
: Pete
:




More information about the list mailing list