lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20030128000954.GG26621@abpi.net>
From: sunseri at abpi.net (Albert Sunseri)
Subject: Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

The article has some interesting implications in its own right.
However, if no damage whatsoever was done by hte worm then 
who would bother with the repercussions of the proof of concept?

And I belive that Jason Coombs' point is about the degree of damage.
Or to be metaphorical, the size of the horse that gets let out of the stable
before the door is closed.

An additional ethical issue would arise if the worm was written as a proof of concept
and was never meant to 'escape' into the wild....

Just tossin pennies,
-------------
Albert Sunseri
Information want to be priceless 
sunseri@...i.net

On Sat, Jan 25, 2003 at 06:11:12PM -0500, Richard M. Smith wrote:
> From: "Richard M. Smith" <rms@...puterbytesman.com>
> To: <jasonc@...ence.org>, "'Jay D. Dyson'" <jdyson@...achery.net>,
>         "'Bugtraq'" <bugtraq@...urityfocus.com>,
>         "'Full-Disclosure'" <full-disclosure@...ts.netsys.com>
> Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
> Date: Sat, 25 Jan 2003 18:11:12 -0500
> 
> However, this worm might not be so harmless as it appears because of
> collateral damage:


>    Bank of America ATMs Disrupted by Virus
>  
> http://story.news.yahoo.com/news?tmpl=story&ncid=578&e=3&cid=569&u=/nm/2
> 0030125/tc_nm/tech_virus_dc
> 
>    "SEATTLE (Reuters) - Bank of America Corp. said on 
>    Saturday that customers at a majority of its 13,000 
>    automatic teller machines were unable to process 
>    customer transactions after a malicious computer worm 
>    nearly froze Internet traffic worldwide."
> 
> Richard M. Smith
> http://www.ComputerBytesMan.com
> 
> -----Original Message-----
> From: Jason Coombs [mailto:jasonc@...ence.org] 
> Sent: Saturday, January 25, 2003 4:41 PM
> To: Jay D. Dyson; Bugtraq
> Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
> 


... snip ....

> 
> As of now we don't know who wrote the worm, but we do know that it looks
> like a concept worm with no malicious payload. There is a good argument
> to
> be made in favor of such worms. Whomever did write this worm could have
> done
> severe damage beyond unfocused DDoS and chose not to do so. One would
> expect
> intelligence agencies in developed countries to write and release
> precisely
> this type of concept worm as a form of mass inoculation against
> malicious
> attacks.

... snip ...

> Sincerely,
> 
> Jason Coombs
> jasonc@...ence.org


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ