Topic awaiting preservation: SoBig worm, one more virus (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=6768" title="Pages that link to Topic awaiting preservation: SoBig worm, one more virus (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: SoBig worm, one more virus <span class="small">(Page 1 of 1)</span>\$

InI Paranoid (IV) Mad Scientist From: Somewhere over the rainbow Insane since: Mar 2001	posted 08-20-2003 14:14 The poster has demanded we remove all his contributions, less he takes legal action. We have done so. Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future. Don't follow his example - seek real life help first.
InI Paranoid (IV) Mad Scientist From: Somewhere over the rainbow Insane since: Mar 2001	posted 08-20-2003 14:29 The poster has demanded we remove all his contributions, less he takes legal action. We have done so. Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future. Don't follow his example - seek real life help first.
Skaarjj Maniac (V) Mad Scientist From: :morF Insane since: May 2000	posted 08-20-2003 20:58 The thing with all this spam is...one address really worried me...a spam virus email from webmaster@gurusnetwork.com
Slime Lunatic (VI) Mad Scientist From: Massachusetts, USA Insane since: Mar 2000	posted 08-20-2003 21:17 The worm, if executed (if you ran the attachment), finds emails in your address book and pretends that it came from them. If you didn't run the attachment, perhaps webmaster@gurusnetwork.com is infected...?
Skaarjj Maniac (V) Mad Scientist From: :morF Insane since: May 2000	posted 08-20-2003 21:19 I hope not...that'd probably mean that runningwolf in infected...wonder if Pugz knows about this. oh well...I didn't open any of the emails...just deleted all 287 of them. I didn't realise that many people had me in various places on their HDDs.... This is also a reason why I keep my address book in my head an on paper...never in a digital format.
Yannah Paranoid (IV) Inmate From: In your Hard Drive; C: Insane since: Dec 2002	posted 08-25-2003 03:56 I heard from the news on Friday that if this virus could really make the whole internet run slow all over the world. And that scares me.
mas Paranoid (IV) Inmate From: the space between us Insane since: Sep 2002	posted 08-25-2003 10:32 i already got tons of these sobig f e-mails...fortunately i never opened the attachements PORTFOLIO0
Pugzly Paranoid (IV) Inmate From: 127.0.0.1 Insane since: Apr 2000	posted 08-25-2003 12:13 Skaarjj - You think it worried you? I got all the bounce messages! More than 100 PER MINUTE for about 12 hours!
InI Paranoid (IV) Mad Scientist From: Somewhere over the rainbow Insane since: Mar 2001	posted 08-25-2003 12:17 The poster has demanded we remove all his contributions, less he takes legal action. We have done so. Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future. Don't follow his example - seek real life help first.
Tyberius Prime Paranoid (IV) Mad Scientist with Finglongers From: Germany Insane since: Sep 2001	posted 08-25-2003 15:14 honestly, we need electro-shock mouses... click on an 'prepared' attachment -> bzzz.
mr.maX Maniac (V) Mad Scientist From: Belgrade, Serbia Insane since: Sep 2000	posted 08-26-2003 08:19 I've been receiving a lot of bounce e-mails from mail servers that are running really brain dead spam/virus checkers. The main rule of thumb is to send bounces only to local users (users that have accounts on the mail server in question). But, even if people in charge of specific mail server decide to send bounces to everybody, they should at least use spam/virus checker that knows which viruses fake sender address in which case, bounce message is useless and just consumes bandwidth. Unfortunately, a lot of mail servers are either improperly configured or running brain dead spam/virus checkers (as said above)... BTW Interesting fact about W32/Sobig.F@mm worm is that it has ability to synchronize attacks (it can contact internet atomic clocks via NTP protocol). More about this: http://www.f-prot.com/news/vir_alert/sobig_f.html [This message has been edited by mr.maX (edited 08-26-2003).]
CRO8 Bipolar (III) Inmate From: New York City Insane since: Jul 2000	posted 08-30-2003 20:16 I bet this question has been answered already but I am just getting to this now- I am at my client’s computer and trying to figure out how to solve the sobig.f spam emails we are getting. What did you guys do to stop the spamming? Delete existing emails and re-create new ones? I currently have info@hisdomainname. Can I simply replace that with information@hisdomainmname ? Thanks. CRO8 just read this on symantic website: quote: The worm de-activates on September 10, 2003. The last day on which the worm will spread is September 9, 2003. [This message has been edited by CRO8 (edited 08-30-2003).]

Topic awaiting preservation: SoBig worm, one more virus (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=6768" title="Pages that link to Topic awaiting preservation: SoBig worm, one more virus (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: SoBig worm, one more virus <span class="small">(Page 1 of 1)</span>\$

InI
Paranoid (IV) Mad Scientist

From: Somewhere over the rainbow
Insane since: Mar 2001

posted 08-20-2003 14:14

The poster has demanded we remove all his contributions, less he takes legal action.
We have done so.
Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future.
Don't follow his example - seek real life help first.

InI
Paranoid (IV) Mad Scientist

From: Somewhere over the rainbow
Insane since: Mar 2001

posted 08-20-2003 14:29

Skaarjj
Maniac (V) Mad Scientist

From: :morF
Insane since: May 2000

posted 08-20-2003 20:58

The thing with all this spam is...one address really worried me...a spam virus email from webmaster@gurusnetwork.com

Slime
Lunatic (VI) Mad Scientist

From: Massachusetts, USA
Insane since: Mar 2000

posted 08-20-2003 21:17

The worm, if executed (if you ran the attachment), finds emails in your address book and pretends that it came from them. If you didn't run the attachment, perhaps webmaster@gurusnetwork.com is infected...?

Skaarjj
Maniac (V) Mad Scientist

From: :morF
Insane since: May 2000

posted 08-20-2003 21:19

I hope not...that'd probably mean that runningwolf in infected...wonder if Pugz knows about this.

oh well...I didn't open any of the emails...just deleted all 287 of them.

I didn't realise that many people had me in various places on their HDDs....

This is also a reason why I keep my address book in my head an on paper...never in a digital format.

Yannah
Paranoid (IV) Inmate

From: In your Hard Drive; C:
Insane since: Dec 2002

posted 08-25-2003 03:56

I heard from the news on Friday that if this virus could really make the whole internet run slow all over the world. And that scares me.

mas
Paranoid (IV) Inmate

From: the space between us
Insane since: Sep 2002

posted 08-25-2003 10:32

i already got tons of these sobig f e-mails...fortunately i never opened the attachements

PORTFOLIO0

Pugzly
Paranoid (IV) Inmate

From: 127.0.0.1
Insane since: Apr 2000

posted 08-25-2003 12:13

Skaarjj -

You think it worried you? I got all the bounce messages! More than 100 PER MINUTE for about 12 hours!

InI
Paranoid (IV) Mad Scientist

From: Somewhere over the rainbow
Insane since: Mar 2001

posted 08-25-2003 12:17

Tyberius Prime
Paranoid (IV) Mad Scientist with Finglongers

From: Germany
Insane since: Sep 2001

posted 08-25-2003 15:14

honestly, we need electro-shock mouses...

click on an 'prepared' attachment -> bzzz.

mr.maX
Maniac (V) Mad Scientist

From: Belgrade, Serbia
Insane since: Sep 2000

posted 08-26-2003 08:19

I've been receiving a lot of bounce e-mails from mail servers that are running really brain dead spam/virus checkers. The main rule of thumb is to send bounces only to *local* users (users that have accounts on the mail server in question). But, even if people in charge of specific mail server decide to send bounces to everybody, they should at least use spam/virus checker that knows which viruses fake sender address in which case, bounce message is useless and just consumes bandwidth. Unfortunately, a lot of mail servers are either improperly configured or running brain dead spam/virus checkers (as said above)...

BTW Interesting fact about W32/Sobig.F@mm worm is that it has ability to synchronize attacks (it can contact internet atomic clocks via NTP protocol). More about this: http://www.f-prot.com/news/vir_alert/sobig_f.html

[This message has been edited by mr.maX (edited 08-26-2003).]

CRO8
Bipolar (III) Inmate

From: New York City
Insane since: Jul 2000

posted 08-30-2003 20:16

I bet this question has been answered already but I am just getting to this now- I am at my client’s computer and trying to figure out how to solve the sobig.f spam emails we are getting. What did you guys do to stop the spamming? Delete existing emails and re-create new ones?

I currently have info@hisdomainname. Can I simply replace that with information@hisdomainmname ?

Thanks.
CRO8

just read this on symantic website:

quote:
The worm de-activates on September 10, 2003. The last day on which the worm will spread is September 9, 2003.

[This message has been edited by CRO8 (edited 08-30-2003).]