lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: simon at snosoft.com (ATD)
Subject: A worm...

Yep, 
	A few of our clients in both the public and private sectors were hit by
this too. What awes me is simple common sense would evade the entire
problem. Ah well... ;)


On Thu, 2003-06-26 at 11:33, Schmehl, Paul L wrote:
> I can't speak for the others, but McAfee was detecting this worm just
> fine as soon as it hit our network.  The only thing wrong was that it
> didn't have the name correct, but who really cares about that?  We set
> up our scanners to always scan archives and zip files, so something like
> this is no big deal.  We've quarantined over 900 copies in the past 20
> hours, so it's a big deal to somebody....
> 
> Paul Schmehl (pauls@...allas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
> 
> > -----Original Message-----
> > From: ATD [mailto:simon@...soft.com] 
> > Sent: Thursday, June 26, 2003 9:15 AM
> > To: *Hobbit*
> > Cc: full-disclosure@...ts.netsys.com
> > Subject: RE: [Full-Disclosure] A worm...
> > 
> > 
> > Yes, 
> > 	And this was my point. Are the crafty "worm gods" 
> > creating worms that evade detection by using compression and 
> > other methods?  If they are doing this, and if they are 
> > creating the "stealth worms" whats next. Zip files would be 
> > just one of hundreds of ways to hide worms. Maybe the virus 
> > scanning technology needs to be kicked up a notch or two.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030626/49596c0f/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ