From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <3F4D2973.4050803@proweb.co.uk> From: matt User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3) Gecko/20030425 MIME-Version: 1.0 To: 9fans@cse.psu.edu Subject: Re: [9fans] is sources unreachable? References: <3F4CD4E3.7010701@ameritech.net> <3F4CD0B3.6030607@proweb.co.uk> <3F4D2580.6040000@ameritech.net> In-Reply-To: <3F4D2580.6040000@ameritech.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Date: Wed, 27 Aug 2003 22:58:11 +0100 Topicbox-Message-UUID: 2408a2ac-eacc-11e9-9e20-41e7f4b1d025 northern snowfall wrote: >> presumably you've heard the speculation that SoBig is an experiment >> in seeing if 6 degrees of separation will find sensitive systems > > > > Hmm, I don't remember asking for six degrees of flame. Don, you have managed to mis-understand me in a way I can't even work out. Believe me, if I was flaming you, there would be no doubt. And also believe me that flaming you is the last thing on my mind. My statement re: 6 degrees was that you send out an email virus that spreads itself using *your* contacts, then their contacts, then their contacts. Then all the infected hosts call in to the 20 servers and report in about where they are or send an email that makes it's way back to the originator. This spread can jump firewalls, POP proxies, heck, even disconnected networks that get their email through dialup could be affected. It is a great way of collecting potential usernames for dictionary / lame password attacks or just email address harvesting. It is one of the most interesting applications this year, and we've not seen the best of it yet. It doesn't even exploit bugs !