[<prev] [next>] [day] [month] [year] [list]
Message-ID: <269620-22003112713439408@M2W057.mail2web.com>
From: mattmurphy at kc.rr.com (mattmurphy@...rr.com)
Subject: SOPHISTICATION OF THE WORM
Not knowing the motivation of its author, I will offer the following
comments:
The random number generation on this worm, well, sucks. There have already
been numerous posts explaining how the worm will get "stuck" attacking the
same network hundreds of times over. The author also included no control
mechanisms on the worm, so it almost immediately begins to exhaust outbound
bandwidth.
That said, I think the spread of this worm is probably at or beyond the
level
of what it's original author expected, seeing all of the press it got.
Really, this worm could have been made to be a lot more efficient (e.g, not
PUSHing strings, and not using registers for constant values, etc.). I get
the impression that the author didn't want/feel the need/wasn't able to
write
a simple decoder for this thing.
Original Message:
-----------------
From: backed.up.by.2048.bit.encryption@...hmail.com
Date: Sun, 26 Jan 2003 15:30:29 -0800
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] SOPHISTICATION OF THE WORM
-----BEGIN PGP SIGNED MESSAGE-----
What is the consensus on the sophistication and quality of this worm?
Is it something that only an "adult" could have written? Is it a brilliant,
ingenious piece of work, or is it nothing extraordinary and something any
cut
and paste kid could have achieved?
What is the quality of its functionality like? Is it doing precisely what
it
was coded to do? Could the author have coded it to do more? Are there any
errors in it?
Can one determine if it is achieving precisely the results the author
intended, based on its coding, or would (or is ) the author surprised by
its
effects?
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify
wnUEARECADUFAj40b1IuHGJhY2tlZC51cC5ieS4yMDQ4LmJpdC5lbmNyeXB0aW9uQGh1
c2htYWlsLmNvbQAKCRDEHQGvBp4eRJhmAJ9CBcdGAP0HQiyO+Eh/h6ez3+ALjwCggTEq
IdslTIRQfg/z4f4IIkPoung=
=aQFY
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Big $$$ to be made with the HushMail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosu
--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .
Powered by blists - more mailing lists