SoBig tutorial needed
Results 1 to 6 of 6

Thread: SoBig tutorial needed

  1. #1
    Junior Member
    Join Date
    Jul 2003
    Posts
    4

    SoBig tutorial needed

    Howdy ppl...does anyone know how the SoBig virus replicates and works in detail. I think that would be helpful in designing a measure to stop or to reduce the threat that the Sobig.G virus is expected to inflict. I really dont stand for the filter approch in which you filter all the executable files or for filtering unknown users.
    The more I learn the less I know...

  2. #2
    Junior Member
    Join Date
    Sep 2003
    Posts
    21
    What is wrong with filtering emails with executable attachments? With the exception of a very few tech support people sending me patches/fixes/updates I never get legit emails with executables. I don't really see how knowing the details of how it spreads will help you to block it.

  3. #3
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    Any of the big AV vendors has full information online about this and any other virii out there.

  4. #4
    AO Veteran NeuTron's Avatar
    Join Date
    Apr 2003
    Posts
    550
    Originally posted here by IFixDaWindoze
    What is wrong with filtering emails with executable attachments? With the exception of a very few tech support people sending me patches/fixes/updates I never get legit emails with executables. I don't really see how knowing the details of how it spreads will help you to block it.
    You actually don't see how knowing the way a virus spreads can help you to combat it? How the hell would you learn to block something without knowing it's method of infection or mobility?

    joyride- Here is the page that Symantec posted about the virus and it's method of infection.
    http://securityresponse.symantec.com...obig.f@mm.html

  5. #5
    Senior Member
    Join Date
    Sep 2003
    Posts
    279
    I say if your gonna send an exe zip it up, that way exe files can be blocked and when a person download a zip file they can scann it first brfore opening it. Thats what were trying to do ay my workplace, a local ISP.
    AntiOnline Quick Forum Version 2b Click Here
    10010101000000110010001100111

  6. #6
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,019
    Or another method I find quite useful would be to rename it to SoBig.ded... accidents do happen

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •