[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] MyDoom for Windows is being used to attack UINUX Website
- Subject: Re: [cobalt-users] MyDoom for Windows is being used to attack UINUX Website
- From: Jeff Lasman <blists@xxxxxxxxxxxxx>
- Date: Sun Feb 1 14:38:00 2004
- Organization: nobaloney.net
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On Sunday 01 February 2004 11:43 am, Al-Juhani wrote:
> > I'm sure we'll get a few more signatures to look for as time goes
> > on.
>
> Jeff,
>
> Well just for the purpose of trying to analyze both MyDoom.A and
> MyDoom.B worms are available on this website:
> http://homepages.ihug.co.nz/~mjcarter/ see the link at the bottom of
> the page.
Tim Jackson has already analyzed them and has written a .cf file for
SpamAssassin, which I found on the exim-users list:
http://www.timj.co.uk/linux/bogus-virus-warnings.cf
Since I don't use procmail myself, I'll be implementing this in my
servers for people who elect to use our SpamAssassin implementation,
and I'll create a set of acls that act similarly for those who'd rather
use blocklists.
Jeff
--
Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA 92517 US
Professional Internet Services & Support / Consulting / Colocation
Our blists address used on lists is for list email only
Phone +1 909 324-9706, or see: "http://www.nobaloney.net/contactus.html";