[Snort-sigs] Re: RIAA "hack-back" sig anyone?
sam at ...219...
Tue Jan 14 14:52:02 EST 2003
I wonder if they are sending it back to an address within the RIAA's block..
That might be something to start with.
dreamwvr at ...1181... writes:
> On Tue, Jan 14, 2003 at 10:51:00AM -0800, Florin Andrei wrote:
>> The RIAA is preparing to infect MP3 files in order to audit and
>> eventually disable file swapping.
>> Gobbles claims that when a peer to peer host is infected, it catalogs
>> media and sends the information "back to the RIAA headquarters (through
>> specifically crafter requests over the p2p networks) where it is added
>> to their records", and also propagates the exploit to other nodes.
> nope it might be a good idea to use kazaa as a litmus test for this
> pattern. Just my 2 cents.
> Best Regards,
> dreamwvr at ...1181...
> /* Security is a work in progress - dreamwvr */
> # Note: To begin Journey type man afterboot,man help,man hier[.]
> // "Who's Afraid of Schrodinger's Cat?" /var/(.)?mail/me \? ;-]
> This SF.NET email is sponsored by: Take your first step towards giving
> your online business a competitive advantage. Test-drive a Thawte SSL
> certificate - our easy online guide will show you how. Click here to get
> started: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0027en
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
More information about the Snort-sigs