DIE 207.216.9.157

Will Rickards

Seriously 207.216.9.157 stop sending me mydoom.a!!!!
I get enough spam, now I have to deal with a virus from a system with a system datetime in the year 2000!

Is there anything I can do to get this machine cleaned?
I sent an e-mail to the abuse e-mail at the domain they are on, telus.net.
But I'm getting one like every 20 minutes to various addresses at my domain. I've never used any of these addresses either. It seems to be picking random e-mail addresses at my domain and my catchall is catching them all!

This is the first e-mail virus I've ever gotten here on my home computer.
NOD32 picked it right up and waited for me to tell it what to do.
After which point I configured it not to ask me anymore and delete those nasty attachments.

I tried doing a tracert to that address but it fails after I get onto the telus.net system. So I don't think I can communicate with the machine directly, even if I did want to run some program to <s>destroy</s> disinfect it.
 

Mercutio

If it's got MyDoom, it has known security holes. Shouldn't be that hard to get it to remote execute a "shutdown" command. Or maybe you could write a .VBS to replace their IE start page with a friendly note to run housecall, then jam a pencil through their left eye socket.

Is it illegal? Maybe. But IMO it's absolutely the right thing to do when you've exhausted other options.

FWIW, I still see Code Red scanning my firewall every once in a while.
 

Will Rickards WT

I actually looked for a remote disinfect/shutdown script, but as I couldn't actually get to the machine through tracert I figured I wouldn't be able to run any of that stuff. And here at work I just get destination host unreachable. So I don't know if it is down or the firewall here doesn't like that address.

Wasn't some senator trying to push through legislation to make it legal for the RIAA to post malicious software on P2P networks? Maybe they legalized retaliation against an attacking computer?
 

HellDiver

Buck said:
Eyes cannot be replaced, but knees can. :mrgrn:
Well, that's the good thing about Merc's method: the individual gets his warning to patch the rig pronto, while he can still see the keyboard with the remaining eye... :twistd:
 