Gents, First, let me apologize for cross-posting and for posting off topic. Cross post was only to reach members of one list that may not be on the other. Those of you that know me, know that I don't post off topic very often, let alone put out a list wide request for help. however, a client of mine is part of a rather large webhost company. You all may have read that there is a new exploit that can be run against users of outlook & internet explorer, using VML. Once the exploit is run, it not only allows code to be run on the client machine, but apparently it spreads itself across servers connected to the now infected _SERVER_. This problem is currently spreading across a huge number of hosting companies, and I've been asked to use any and all contacts I can to get help with trying to find a resolution. Currently, verisign, paypal, and quite a few other companies are assisting us and others, but this is about to reach critical mass. If anyone thinks they may be able to help, please contact me ASAP. In case you don't know me by this email, but maybe by a previous list email (that is no longer used because I don't work there anymore), my previous list email(s) is/are: sherwood@viatalk.com madprofzero@yahoo.com Thank you all for your consideration, and I must apologize profusely for needing to resort to these lists, but I don't have many other contacts I can connect with other than via this list. -- S McGowan VoIP Consultant rushowr@phreaker.net -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.5 (MingW32) - WinPT 0.12.3 mQGiBETxLJERBACrFvzk3Hd8AO9aGCSSgoabp8GGS7jYhR1UP9zqYeJIHeH+/r/D sCL0mPUGX1+FnVlh5UAO0Q3hueCdtgbAhdqMJMDhjQ2Tm10kBWu2DjWrLVnGx0QD Id1XAiQ1WIJkE2VqphKD0WVMsyxj08w+o+DwjD+mu3GCgitRTVOB9OnzpwCg3Ynx BHlbNUzLTp+3oUuudndpaiEEAIlBCJoIg+zCTg4/kFjsWfSYo3kTwNoQPqqMINMe GM15CkRvXgUdMgJMPeEqXNmfnUUHNf/6KD2WpP5kJcBZdNWHicvS+A+P1Sjuybio 5XlJgMDW5tzCX0V45n+RgZQjHMg1wpcv0eVOMhmaSL4eC7MyUnZBHzuBYmgNMpiM EF2wA/4y+hhoZ2SYUzTWk4QUPL8yaHTNS/4/aH8AB5cyRNljqT5//AXzYF3AxMZX bslWy4MtzX9CI9Zg8hxIzcaYp/oeFSVrv6Or/8ZRQk2T+eB7ymPY6T+SOcKfTgR2 f9kzlxtPjRK/nXDovjaaOGl0U0NaPemB0w8fEuNkF4LxKdAea7QgUyBNY0dvd2Fu IDxydXNob3dyQHBocmVha2VyLm5ldD6IYAQTEQIAIAUCRPEskQIbAwYLCQgHAwIE FQIIAwQWAgMBAh4BAheAAAoJEJX0LL+xQYafrbQAoKFzcLsRIkXWL1wzldi2iG4l FHD/AKCguGXH7GtZKpQfFct6vQUOnJuUB7kCDQRE8SygEAgAlOYMwiFKPALEpi/X Cb3kTzpDqi9yvlijssnyxY2IxTYJHheE2dkITtdmgFlfud0lCLiSVhf8i9Y2YCar I+Djz7/LTlX4lhcDBeAaSHfDUtr5jTn3caK5A3inCAxoI7Um9Sy3fSyW9DMww2Mj t+ysQ2XuXpRZ984/3X79kNttae7L3FqASHjfflUFhBukxpSAn5evmkAnmZDhjy5a Z9Ut+DGDQOG2qvDTZM/RFDyodLIRoW9AK2O3A7CtVjZVOTSjDdhdOsHzsuBioh51 ngfUo4B3hDy+tv5qtzD5UjVj8g+oFqDpjo7mj7EwhD/AqHxg6yKqOtVLTmeEdZzW RMMGkwADBQgAjutKcj73K0GqhlKP3D3plXXBLOeAnoUBMoxbd7u7HigTXkTeq7gX c+zC6pu3atL1piRBOTYPiflf36hkph+EC9Zu7fBmaIdKRqltV9m+XB5l6Kw/C4go hTeLFI5A61GmiyQ5NPRpaeERGba+EoWswYIUxkCmr7I02DL8R72oLu6bb+bevCz5 d1AKrY2Vg3M8IXhGHPrYoFup6EYC6Thp2wRG4vBtpQStFbdYjXNBYmwWNERPzOzb k3pU8y96X7mqLHbv6gi5wapJyPidasc3VtU7RrwSEsYDoc2nf+6KzZMTT3rnB9RL gns2mcXM/4utmBWzSL7tnil5mlI9dynHQYhJBBgRAgAJBQJE8SygAhsMAAoJEJX0 LL+xQYafclwAnAmrmJpITi7ngFNR/obx/l6tNPRqAJ477VYqaBg58lc+TlGK1DoA HeMrow==GJrg -----END PGP PUBLIC KEY BLOCK----- -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 187 bytes Desc: OpenPGP digital signature Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20060922/2196006c/signature.pgp
Have you check out http://www.f-secure.com/weblog/ to see if it is related your problem? They offer a few solutions. Charles Alvis Internet Technology Group, Inc. Redmond, WA Personal Blog http://www.spamspotter.com -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Rushowr Sent: Friday, September 22, 2006 11:37 PM To: Asterisk Users List; Asterisk Developers Mailing List Subject: [asterisk-users] OT But So Ungodly Important Gents, First, let me apologize for cross-posting and for posting off topic. Cross post was only to reach members of one list that may not be on the other. Those of you that know me, know that I don't post off topic very often, let alone put out a list wide request for help. however, a client of mine is part of a rather large webhost company. You all may have read that there is a new exploit that can be run against users of outlook & internet explorer, using VML. Once the exploit is run, it not only allows code to be run on the client machine, but apparently it spreads itself across servers connected to the now infected _SERVER_. This problem is currently spreading across a huge number of hosting companies, and I've been asked to use any and all contacts I can to get help with trying to find a resolution. Currently, verisign, paypal, and quite a few other companies are assisting us and others, but this is about to reach critical mass. If anyone thinks they may be able to help, please contact me ASAP. In case you don't know me by this email, but maybe by a previous list email (that is no longer used because I don't work there anymore), my previous list email(s) is/are: sherwood@viatalk.com madprofzero@yahoo.com Thank you all for your consideration, and I must apologize profusely for needing to resort to these lists, but I don't have many other contacts I can connect with other than via this list. -- S McGowan VoIP Consultant rushowr@phreaker.net -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.5 (MingW32) - WinPT 0.12.3 mQGiBETxLJERBACrFvzk3Hd8AO9aGCSSgoabp8GGS7jYhR1UP9zqYeJIHeH+/r/D sCL0mPUGX1+FnVlh5UAO0Q3hueCdtgbAhdqMJMDhjQ2Tm10kBWu2DjWrLVnGx0QD Id1XAiQ1WIJkE2VqphKD0WVMsyxj08w+o+DwjD+mu3GCgitRTVOB9OnzpwCg3Ynx BHlbNUzLTp+3oUuudndpaiEEAIlBCJoIg+zCTg4/kFjsWfSYo3kTwNoQPqqMINMe GM15CkRvXgUdMgJMPeEqXNmfnUUHNf/6KD2WpP5kJcBZdNWHicvS+A+P1Sjuybio 5XlJgMDW5tzCX0V45n+RgZQjHMg1wpcv0eVOMhmaSL4eC7MyUnZBHzuBYmgNMpiM EF2wA/4y+hhoZ2SYUzTWk4QUPL8yaHTNS/4/aH8AB5cyRNljqT5//AXzYF3AxMZX bslWy4MtzX9CI9Zg8hxIzcaYp/oeFSVrv6Or/8ZRQk2T+eB7ymPY6T+SOcKfTgR2 f9kzlxtPjRK/nXDovjaaOGl0U0NaPemB0w8fEuNkF4LxKdAea7QgUyBNY0dvd2Fu IDxydXNob3dyQHBocmVha2VyLm5ldD6IYAQTEQIAIAUCRPEskQIbAwYLCQgHAwIE FQIIAwQWAgMBAh4BAheAAAoJEJX0LL+xQYafrbQAoKFzcLsRIkXWL1wzldi2iG4l FHD/AKCguGXH7GtZKpQfFct6vQUOnJuUB7kCDQRE8SygEAgAlOYMwiFKPALEpi/X Cb3kTzpDqi9yvlijssnyxY2IxTYJHheE2dkITtdmgFlfud0lCLiSVhf8i9Y2YCar I+Djz7/LTlX4lhcDBeAaSHfDUtr5jTn3caK5A3inCAxoI7Um9Sy3fSyW9DMww2Mj t+ysQ2XuXpRZ984/3X79kNttae7L3FqASHjfflUFhBukxpSAn5evmkAnmZDhjy5a Z9Ut+DGDQOG2qvDTZM/RFDyodLIRoW9AK2O3A7CtVjZVOTSjDdhdOsHzsuBioh51 ngfUo4B3hDy+tv5qtzD5UjVj8g+oFqDpjo7mj7EwhD/AqHxg6yKqOtVLTmeEdZzW RMMGkwADBQgAjutKcj73K0GqhlKP3D3plXXBLOeAnoUBMoxbd7u7HigTXkTeq7gX c+zC6pu3atL1piRBOTYPiflf36hkph+EC9Zu7fBmaIdKRqltV9m+XB5l6Kw/C4go hTeLFI5A61GmiyQ5NPRpaeERGba+EoWswYIUxkCmr7I02DL8R72oLu6bb+bevCz5 d1AKrY2Vg3M8IXhGHPrYoFup6EYC6Thp2wRG4vBtpQStFbdYjXNBYmwWNERPzOzb k3pU8y96X7mqLHbv6gi5wapJyPidasc3VtU7RrwSEsYDoc2nf+6KzZMTT3rnB9RL gns2mcXM/4utmBWzSL7tnil5mlI9dynHQYhJBBgRAgAJBQJE8SygAhsMAAoJEJX0 LL+xQYafclwAnAmrmJpITi7ngFNR/obx/l6tNPRqAJ477VYqaBg58lc+TlGK1DoA HeMrow==GJrg -----END PGP PUBLIC KEY BLOCK-----
Gentlemen, An update on my prior post. I have not confirmed a solution is in place, but I do know that a gent has identified the virus, and symantec has confirmed it's new. I don't know the prefix, but it'll be named after my coworker.....dcollins is the name it'll be under. I'll update if we have a fix, once I have confirmation -- S McGowan VoIP Consultant rushowr@phreaker.net -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.5 (MingW32) - WinPT 0.12.3 mQGiBETxLJERBACrFvzk3Hd8AO9aGCSSgoabp8GGS7jYhR1UP9zqYeJIHeH+/r/D sCL0mPUGX1+FnVlh5UAO0Q3hueCdtgbAhdqMJMDhjQ2Tm10kBWu2DjWrLVnGx0QD Id1XAiQ1WIJkE2VqphKD0WVMsyxj08w+o+DwjD+mu3GCgitRTVOB9OnzpwCg3Ynx BHlbNUzLTp+3oUuudndpaiEEAIlBCJoIg+zCTg4/kFjsWfSYo3kTwNoQPqqMINMe GM15CkRvXgUdMgJMPeEqXNmfnUUHNf/6KD2WpP5kJcBZdNWHicvS+A+P1Sjuybio 5XlJgMDW5tzCX0V45n+RgZQjHMg1wpcv0eVOMhmaSL4eC7MyUnZBHzuBYmgNMpiM EF2wA/4y+hhoZ2SYUzTWk4QUPL8yaHTNS/4/aH8AB5cyRNljqT5//AXzYF3AxMZX bslWy4MtzX9CI9Zg8hxIzcaYp/oeFSVrv6Or/8ZRQk2T+eB7ymPY6T+SOcKfTgR2 f9kzlxtPjRK/nXDovjaaOGl0U0NaPemB0w8fEuNkF4LxKdAea7QgUyBNY0dvd2Fu IDxydXNob3dyQHBocmVha2VyLm5ldD6IYAQTEQIAIAUCRPEskQIbAwYLCQgHAwIE FQIIAwQWAgMBAh4BAheAAAoJEJX0LL+xQYafrbQAoKFzcLsRIkXWL1wzldi2iG4l FHD/AKCguGXH7GtZKpQfFct6vQUOnJuUB7kCDQRE8SygEAgAlOYMwiFKPALEpi/X Cb3kTzpDqi9yvlijssnyxY2IxTYJHheE2dkITtdmgFlfud0lCLiSVhf8i9Y2YCar I+Djz7/LTlX4lhcDBeAaSHfDUtr5jTn3caK5A3inCAxoI7Um9Sy3fSyW9DMww2Mj t+ysQ2XuXpRZ984/3X79kNttae7L3FqASHjfflUFhBukxpSAn5evmkAnmZDhjy5a Z9Ut+DGDQOG2qvDTZM/RFDyodLIRoW9AK2O3A7CtVjZVOTSjDdhdOsHzsuBioh51 ngfUo4B3hDy+tv5qtzD5UjVj8g+oFqDpjo7mj7EwhD/AqHxg6yKqOtVLTmeEdZzW RMMGkwADBQgAjutKcj73K0GqhlKP3D3plXXBLOeAnoUBMoxbd7u7HigTXkTeq7gX c+zC6pu3atL1piRBOTYPiflf36hkph+EC9Zu7fBmaIdKRqltV9m+XB5l6Kw/C4go hTeLFI5A61GmiyQ5NPRpaeERGba+EoWswYIUxkCmr7I02DL8R72oLu6bb+bevCz5 d1AKrY2Vg3M8IXhGHPrYoFup6EYC6Thp2wRG4vBtpQStFbdYjXNBYmwWNERPzOzb k3pU8y96X7mqLHbv6gi5wapJyPidasc3VtU7RrwSEsYDoc2nf+6KzZMTT3rnB9RL gns2mcXM/4utmBWzSL7tnil5mlI9dynHQYhJBBgRAgAJBQJE8SygAhsMAAoJEJX0 LL+xQYafclwAnAmrmJpITi7ngFNR/obx/l6tNPRqAJ477VYqaBg58lc+TlGK1DoA HeMrow==GJrg -----END PGP PUBLIC KEY BLOCK----- -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 187 bytes Desc: OpenPGP digital signature Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20060923/858911cd/signature.pgp