[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] URLs used by W32/MyDoom-O (aka .AX, .BB) to query search engines?

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] URLs used by W32/MyDoom-O (aka .AX, .BB) to query search engines?
From: Alain Fauconnet <alain@xxxxxxxxx>
Date: Fri, 18 Feb 2005 08:01:27 +0700

Hello List,

Does anyone have a list of query URLs used by W32/MyDoom-O
(Sophos name: http://www.sophos.com/virusinfo/analyses/w32mydoomo.html)
to dig e-mail addresses from search engines?

Are these specific enough that there's a chance to catch them in the
config of a web proxy (e.g. Squid) and avoid being "blacklisted" by
the search engines? (seems to me that Google temporarily blacklists
IPs that drown them under such requests)

Greets,
_Alain_
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- [Full-Disclosure] RE: URLs used by W32/MyDoom-O (aka .AX, .BB) to query search engines?
  - From: Patrick Nolan

Prev by Date: [Full-Disclosure] The Security Forum - meeting #8 -20/2/05
Next by Date: Re: [Full-Disclosure] New Internet Explorer Beta
Previous by thread: [Full-Disclosure] The Security Forum - meeting #8 -20/2/05
Next by thread: [Full-Disclosure] RE: URLs used by W32/MyDoom-O (aka .AX, .BB) to query search engines?
Index(es):
- Date
- Thread