lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: pauls at utdallas.edu (Schmehl, Paul L)
Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

Cyberterrorism????  Getting a bit hyped up, aren't we?  It's just
another stupid worm.

And blaming admins for not patching there boxes is bull.  You ever been
to a university?  I defy you to even know where all the vulnerable boxes
are, much less get the "owners" to patch them.  And tomorrow there will
be more - because Microsoft has convinced the world that it's easy to
run a box to do whatever it is you need to do, without knowing the first
damn thing about security.

Put the blame where it belongs - vendors who put out crap for software
and jerks who take advantage of that.

Until you've walked a mile in the shoes of the admins having to deal
with this, keep your smug self-righteous indignation to yourselves.

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/~pauls/
AVIEN Founding Member 


-----Original Message-----
From: Matt Smith [mailto:ratman6@...thlink.net] 
Sent: Saturday, January 25, 2003 7:29 PM
To: 'Richard M. Smith'; jasonc@...ence.org; 'Jay D. Dyson'; 'Bugtraq';
'Full-Disclosure'
Subject: [Full-Disclosure] RE: MS SQL WORM IS DESTROYING INTERNET BLOCK
PORT 1434!


Guys,
    This puppy is FAR from harmless and I mean far, This SOB is gonna
wind up worse than Code Red, Nimda, or even the great worm of '88.  I
doubt very much the Morris Worm downed ENTIRE COUNTRIES, as Sapphire did
to South Korea today.  Cyberterrorism has been spoken of for years.
Well, guess what boys and girls, it's here, right now. :(.  Curious this
thing started up on a Friday night isn't it??? All the sysadmins are
gone for the weekend and thus could not respond it a timely fashion to
this latest security threat.  This one is not gonna cleaned up for
awhile.  I think this thing was written as a weapon of terrorism and it
is doing its job.  Much to the chagrin of the people like me who now
have to deal with the backlash this thing is causing :(.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ