[unisog] antivirus that works despite ssl

power less absolutelynopower at gmail.com
Tue Jul 10 17:43:53 GMT 2007

BTW in my exhausting coverage of the storm worm :-)  I should mention
this article:
This explains a few things, I guess. I'm not well-versed in DNS I'm afraid.

I take it they are not talking about the urls in the storm messages
Because those are are IP numbers not domain names  in most of the ones I
got. I

Two I just got:

Address:  24.93. 201.2
Name:    cpe-24-93-201-2.neo.res.rr.com

Address:  65.190. 29.151
Name:    cpe-065-190-029-151.triad.res.rr.com

I'd love to hear more about this dnsflux business. A comment to that article
"Why don't ISPs just block the inbound DNS traffic to home machines on
dynamic addresses? Do that and the distributed DNS part evaporates."

Is that true?

example messages:
Hi. School-mate has sent you a postcard.
See your card as often as you wish during the next 15 days.


If your email software creates links to Web pages, click on your card's
direct www address below while you are connected to the Internet:

http://24.93.do not click 201.2/?4b9999b98562bd22stay away

Or copy and paste it into your browser's "Location" box (where Internet
addresses go).

We hope you enjoy your awesome card.

Wishing you the best,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.sans.org/pipermail/unisog/attachments/20070710/fff3c043/attachment.htm 

More information about the unisog mailing list