[Snort-sigs] Re: RIAA "hack-back" sig anyone?

Javier Liendo javier at ...1183...
Tue Jan 14 16:29:03 EST 2003


it seems that this whole p2p worm is a hoax...

http://www.securitynewsportal.com/cgi-bin/cgi-script/csNews/csNews.cgi?database=JanV%2edb&command=viewone&id=12&op=t

saludos

javier

--- Sam Evans <sam at ...219...> wrote:
> I wonder if they are sending it back to an address
> within the RIAA's block.. 
> That might be something to start with. 
> 
> dreamwvr at ...1181... writes: 
> 
> > On Tue, Jan 14, 2003 at 10:51:00AM -0800, Florin
> Andrei wrote:
> >> http://212.100.234.54/content/6/28842.html 
> >> 
> >> <quote>
> >> The RIAA is preparing to infect MP3 files in
> order to audit and
> >> eventually disable file swapping.
> >> Gobbles claims that when a peer to peer host is
> infected, it catalogs
> >> media and sends the information "back to the RIAA
> headquarters (through
> >> specifically crafter requests over the p2p
> networks) where it is added
> >> to their records", and also propagates the
> exploit to other nodes.
> >> </quote>
> > nope it might be a good idea to use kazaa as a
> litmus test for this
> > pattern. Just my 2 cents. 
> > 
> > Best Regards,
> > dreamwvr at ...1181...
> >  
> > -- 
> > /*  Security is a work in progress - dreamwvr     
>            */
> > #                                                 
>            
> > # Note: To begin Journey type man afterboot,man
> help,man hier[.]      
> > #                                                 
>            
> > // "Who's Afraid of Schrodinger's Cat?"
> /var/(.)?mail/me \?  ;-] 
> > 
> > 
> >
>
-------------------------------------------------------
> > This SF.NET email is sponsored by: Take your first
> step towards giving 
> > your online business a competitive advantage.
> Test-drive a Thawte SSL 
> > certificate - our easy online guide will show you
> how. Click here to get 
> > started:
>
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0027en
> > _______________________________________________
> > Snort-sigs mailing list
> > Snort-sigs at lists.sourceforge.net
> >
>
https://lists.sourceforge.net/lists/listinfo/snort-sigs
>  
> 
> 
>
-------------------------------------------------------
> This SF.NET email is sponsored by: Take your first
> step towards giving 
> your online business a competitive advantage.
> Test-drive a Thawte SSL 
> certificate - our easy online guide will show you
> how. Click here to get 
> started:
>
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0027en
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
>
https://lists.sourceforge.net/lists/listinfo/snort-sigs





More information about the Snort-sigs mailing list