|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Sobig.f surprise attack today
On Fri, 22 Aug 2003 14:13:27 -0400, Todd Mitchell - lists wrote: >See the following message sent out by X-Force a few hours ago.>Todd >Computers infected with the Sobig.F worm are programmed >to automatically download an executable of unknown function >from a hard-coded list of servers at 19:00 UTC (3:00pm EDT) >X-Force is recommending wholesale outbound filtering of >the following IP addresses: > >67.73.21.6 >68.38.159.161 >67.9.241.67 >66.131.207.81 >65.177.240.194 >65.93.81.59 >65.95.193.138 >65.92.186.145 >63.250.82.87 >65.92.80.218 >61.38.187.59 >24.210.182.156 >24.202.91.43 >24.206.75.137 >24.197.143.132 >12.158.102.205 >24.33.66.38 >218.147.164.29 >12.232.104.221 >68.50.208.96 Roadrunner IIII Comcast II Sprint I Dacom I Earthlink I Le Groupe Videotron II Bell Canada IIIII Net 66 II Charter I ATT Worldnet II
|