update from F-Secure @ 19:00

Anderson Johnston andy at umbc.edu
Fri Aug 22 19:56:14 GMT 2003


>From http://www.f-secure.com/v-descs/sobig_f.shtml:

	Update on 19:00 UTC

	When deadline for the attack was passed, one machine was still
	(somewhat)  up. However, immediatly after the deadline, this
	machine (located in the USA) was totally swamped under network
	traffic.

	We've tried connecting to it, just like the virus does. We do this
	from three different sensors from three different machines in
	three different countries. We haven't been able to connect to it
	once. If we can't connect, neither can the viruses.

	So the attack failed. Whoa.

	We'll keep monitoring until 22:00 UTC. If we're not able to
	connect once, we can safely say that the attack was prevented.


						- andy

------------------------------------------------------------------------------
** Andy Johnston (andy at umbc.edu)          *            pager: 410-678-8949  **
** Manager of IT Security                 * PGP key:(afj2002) 4096/8448B056 **
** Office of Information Technology, UMBC *   4A B4 96 64 D9 B6 EF E3 21 9A **
** 410-455-2583 (v)/410-455-1065 (f)      *   46 1A 37 11 F5 6C 84 48 B0 56 **
------------------------------------------------------------------------------



More information about the unisog mailing list