[scg-sec] RE: [Scg-doom] Any word from SCO or Microsoft
Smith, Donald
Donald.Smith at qwest.com
Fri Jan 30 12:54:46 EST 2004
I will NOT release it until I get permission from XO's rep, Justin:-)
In truth SCO could come out looking really smart compared to other intended victims if they published
this themselves. (Putting on spindoctorhat) a public announcment that they are working with and cooperating with
a large set of isp's to mitigate the effects of this ddos on the INTERNET and to assist in tracking down infected systems.
Please note I sent this to the scg group. I would prefer sco do their own spindoctoring:-)
Donald.Smith at qwest.com GCIA
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF00EDCC
I reserve the right to be wrong but don't exercise it too often.
> -----Original Message-----
> From: scg-doom-bounces at puck.nether.net
> [mailto:scg-doom-bounces at puck.nether.net]On Behalf Of Sean Donelan
> Sent: Friday, January 30, 2004 10:47 AM
> To: Battles, Timothy A (Tim), ALABS
> Cc: scg-doom at puck.nether.net
> Subject: RE: [Scg-doom] Any word from SCO or Microsoft
>
>
> On Fri, 30 Jan 2004, Battles, Timothy A (Tim), ALABS wrote:
> > I don't see how it can hurt.
>
> It could alert the miscreants that they need to look at the IP address
> because the A record might be changing this weekend and
> release an updated
> virus. But I agree, I don't think it makes much difference because if
> they were going to launch a separate attack to coordinate
> with the virus,
> they can do that anyway.
>
> But its pretty much SCO's and Microsoft's call. Sometimes
> companies are
> skittish (pun intended) about releasing anything. So if it helps them
> gain trust that sgc can keep a secret, I would say don't
> release it now.
>
> sean donelan
> sbc security guy
>
> _______________________________________________
> Scg-doom mailing list
> Scg-doom at puck.nether.net
> https://puck.nether.net/mailman/listinfo/scg-doom
>
More information about the scg-sec
mailing list