BlackWorm infected IP's reporting


In the next day or so some of us will cooperate to bring to the
attention of all effected AS's information about infected users in their

That would be "affected".

This will be coordinated with several groups and organizations. Please
expect these emails, thanks.

In other words, NANOG is a step child of these and we'll only see
the PR? If you're going to keep the mitigations off of NANOG, it's
probably safe to keep it all off. We all read newspapers, blogs, and

I'll post my pre-94 copy of the Compuserve Directory if someone can
prove this story didn't come from this list:,1895,1915070,00.asp

SANS has it, but they aren't being authoritative about it, quoting

I'd love to see the US authoritative sources jump in on these
and advise us to cough up our dimes for the dances or not.