[Techtalk] outlook virii

[Poppy]

Hrm. Might be interesting, but one might surmise that if these people
understood computers well enough to know that <that> IP address was one
in the pool of addresses that they use regularly, they'd also know
enough to keep the virus definitions updated, no? About all you're going
to get with a listing of infected IP addresses is a way for the ISPs of
the world (and System Admins) to see how widespread infection is on
their network, and of the two, only the System Admins with
private/static connections will be able to do anything about it...
haven't seen an overwhelming amount of commercial ISPs making an effort
to prevent viruses travelling anywhere besides email.I could be wrong.

Perhaps a web page that told you <when you go there> whether you should
check for a virus by the activity from your computer, but I'd hate to be
the one to explain to all of the privacy freaks out there that I'm
really not scanning their computers, their computers are coming out to
meet me!

--Poppy

On Fri, 2002-04-12 at 22:44, jennyw wrote:
> I wonder if there's a Web site that lists the IPs of all infected 
> machines. That might be interesting ...
> 
> Jen
> 
> On Fri, Apr 12, 2002 at 10:43:26PM -0400, James wrote:
> > I remember someone that made a Perl script which added offending IPs to
> > a ipchains/iptables block list.
> > 
> > However, automated is BAD.  If this procedure caught on, virii writers
> > might spoof IPs as a snub to those who do this.  Imagine if suddenly
> > you've blackholed localhost or your gateway or your DNS servers or
> > everything else in your Class C.
> > 
> > Basically, I just laugh at Nimda/CR trying to compromise my Apache
> > server and weep because of all the people who are still
> > vulnerable/infected.
> > 
> > - James