| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: RE: DCOM RPC exploit On Sat, 26 Jul 2003 23:49:05 PDT, "Steve W. Manzuik" said: > A worm exploiting this might happen, but is it really that big of a deal? Compare the number of boxes that have the bug Slapper exploited with the number of boxes that have DCOM open to the world.... When I hear that a worm's finally been spotted, I'm yanking my laptop off the net and going home - and it's a Linux box. I'm just expecting to not get any useful connectivity for a while. And of course, anybody who's got half a clue and writes a worm is going to have it drop off a trojan/backdoor... And then those boxes get used as spam relays, front-end boxes for porn websites, keyboard sniffers, etc etc. Gonna take a LONG time to clean that mess up. Hell, we're *still* seeing Code Red traffic. And what we've *NOT* seen in the last 2 years is a CERT advisory of this magnitude against a Microsoft product that didn't spawn a "Holy Shit" scale worm. Unfortunately, we've gotten so lulled by the "Just another damned worm" scenario that maybe it's NOT a big deal anymore. And that's just as scary as the actual worm. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030727/4351b4e5/attachment.bin
Powered by blists - more mailing lists