|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Impending (mydoom) DOS attack
On Friday 30 January 2004 01:18 pm, bcm wrote: > Is anyone taking any special precautions given the potential for a sudden > increase in aggregate packets per second across your networks come Sunday > afternoon when the original Mydoom virus enters into its DOS phase? > > Does anyone know if the virus' assault will be slowed if it is unable to > reach www.sco.com? I am hoping that if it cannot reach SCO's site that the > HTTP GET command will be slow in returning, effectively reducing the volume > of traffic a single PC is capable is generating. I am having a difficult > time artificially forcing the virus to start its attack in a lab > environment, so I am unable to confirm this. > > Any input would be appreciated. Thanks! I think we should help out SCO by creating new wildcard entries into our DNS servers that point *.sco.com to 127.0.0.1 as well as blackholing all SCO SWIPd IP Address Space. <a****le mode> We should also never remove the above. </a****le mode> -- Donovan Hill Electronics Engineering Technologist, CCNA www.lazyeyez.net, www.gwsn.com
|