lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: pauls at utdallas.edu (Schmehl, Paul L)
Subject: A worm...

I can't speak for the others, but McAfee was detecting this worm just
fine as soon as it hit our network.  The only thing wrong was that it
didn't have the name correct, but who really cares about that?  We set
up our scanners to always scan archives and zip files, so something like
this is no big deal.  We've quarantined over 900 copies in the past 20
hours, so it's a big deal to somebody....

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

> -----Original Message-----
> From: ATD [mailto:simon@...soft.com] 
> Sent: Thursday, June 26, 2003 9:15 AM
> To: *Hobbit*
> Cc: full-disclosure@...ts.netsys.com
> Subject: RE: [Full-Disclosure] A worm...
> 
> 
> Yes, 
> 	And this was my point. Are the crafty "worm gods" 
> creating worms that evade detection by using compression and 
> other methods?  If they are doing this, and if they are 
> creating the "stealth worms" whats next. Zip files would be 
> just one of hundreds of ways to hide worms. Maybe the virus 
> scanning technology needs to be kicked up a notch or two.

Powered by blists - more mailing lists