lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: mattmurphy at kc.rr.com (mattmurphy@...rr.com)
Subject: SOPHISTICATION OF THE WORM

Not knowing the motivation of its author, I will offer the following 
comments:

The random number generation on this worm, well, sucks.  There have already 
been numerous posts explaining how the worm will get "stuck" attacking the 
same network hundreds of times over.  The author also included no control 
mechanisms on the worm, so it almost immediately begins to exhaust outbound 
bandwidth.

That said, I think the spread of this worm is probably at or beyond the
level 
of what it's original author expected, seeing all of the press it got.

Really, this worm could have been made to be a lot more efficient (e.g, not 
PUSHing strings, and not using registers for constant values, etc.).  I get 
the impression that the author didn't want/feel the need/wasn't able to
write 
a simple decoder for this thing.

Original Message:
-----------------
From:  backed.up.by.2048.bit.encryption@...hmail.com
Date: Sun, 26 Jan 2003 15:30:29 -0800
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] SOPHISTICATION OF THE WORM



-----BEGIN PGP SIGNED MESSAGE-----

What is the consensus on the sophistication and quality of this worm?

Is it something that only an "adult" could have written? Is it a brilliant, 
ingenious piece of work, or is it nothing extraordinary and something any
cut 
and paste kid could have achieved?

What is the quality of its functionality like? Is it doing precisely what
it 
was coded to do? Could the author have coded it to do more? Are there any 
errors in it?

Can one determine if it is achieving precisely the results the author 
intended, based on its coding, or would (or is ) the author surprised by
its 
effects?


-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wnUEARECADUFAj40b1IuHGJhY2tlZC51cC5ieS4yMDQ4LmJpdC5lbmNyeXB0aW9uQGh1
c2htYWlsLmNvbQAKCRDEHQGvBp4eRJhmAJ9CBcdGAP0HQiyO+Eh/h6ez3+ALjwCggTEq
IdslTIRQfg/z4f4IIkPoung=
=aQFY
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosu

--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ