DIE 207.216.9.157

[Will Rickards]

Seriously 207.216.9.157 stop sending me mydoom.a!!!!
I get enough spam, now I have to deal with a virus from a system with a system datetime in the year 2000!

Is there anything I can do to get this machine cleaned?
I sent an e-mail to the abuse e-mail at the domain they are on, telus.net.
But I'm getting one like every 20 minutes to various addresses at my domain. I've never used any of these addresses either. It seems to be picking random e-mail addresses at my domain and my catchall is catching them all!

This is the first e-mail virus I've ever gotten here on my home computer.
NOD32 picked it right up and waiting for me to tell it what to do.
After which point I configured it not to ask me anymore and delete those nasty attachments.

I tried doing a tracert to that address but it fails after I get onto the telus.net system. So I don't think I can communicate with the machine directly, even if I did want to run some program to <s>destroy</s> disinfect it.

 

[Buck]

Sorry Will, I'm not that advanced to provide you with any solutions for disinfecting that other system.

 

[time]

You need the Buck 1000 model for that.

 

[Buck]

You need the Buck 1000 model for that.

That device only works with a physical address.

 

[Mercutio]

If it's got MyDoom, it has known security holes. Shouldn't be that hard to get it to remote execute a "shutdown" command. Or maybe you could write a .VBS to replace their IE start page with a friendly note to run housecall, then jam a pencil through their left eye socket.

Is it illegal? Maybe. But IMO it's absolutely the right thing to do when you've exhausted other options.

FWIW, I still see Code Red scanning my firewall every once in awhile.

 

[Buck]

...then jam a pencil through their left eye socket.

Eyes cannot be replaced, but knees can. :mrgrn:

 

[Will Rickards WT]

I actually looked for remote disinfect/shutdown script but as I couldn't actually get to the machine through tracert I figured I wouldn't be able to run any of that stuff. And here at work I just get destination host unreachable. So I don't know if it is down or the firewall here doesn't like that address.

Wasn't some senator trying to push through legislation to make it legal for the RIAA to post malicious software on P2P networks? Maybe they legalized retaliation against an attacking computer?

 

[ddrueding]

I think the only true way to protect users from the ills of computers is to cut off both their hands....

 

[HellDiver]

Eyes cannot be replaced, but knees can. :mrgrn:

Well, that's the good thing about Merc's method : the individual gets his warning to patch the rig pronto, while he can still see the keyboard with the remaining eye... :twistd:

 

[Buck]

Very evil.

 

[The JoJo]

Nasty stuff, isn't this more appropriate?

:wink: