[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20030128000954.GG26621@abpi.net>
From: sunseri at abpi.net (Albert Sunseri)
Subject: Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
The article has some interesting implications in its own right.
However, if no damage whatsoever was done by hte worm then
who would bother with the repercussions of the proof of concept?
And I belive that Jason Coombs' point is about the degree of damage.
Or to be metaphorical, the size of the horse that gets let out of the stable
before the door is closed.
An additional ethical issue would arise if the worm was written as a proof of concept
and was never meant to 'escape' into the wild....
Just tossin pennies,
-------------
Albert Sunseri
Information want to be priceless
sunseri@...i.net
On Sat, Jan 25, 2003 at 06:11:12PM -0500, Richard M. Smith wrote:
> From: "Richard M. Smith" <rms@...puterbytesman.com>
> To: <jasonc@...ence.org>, "'Jay D. Dyson'" <jdyson@...achery.net>,
> "'Bugtraq'" <bugtraq@...urityfocus.com>,
> "'Full-Disclosure'" <full-disclosure@...ts.netsys.com>
> Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
> Date: Sat, 25 Jan 2003 18:11:12 -0500
>
> However, this worm might not be so harmless as it appears because of
> collateral damage:
> Bank of America ATMs Disrupted by Virus
>
> http://story.news.yahoo.com/news?tmpl=story&ncid=578&e=3&cid=569&u=/nm/2
> 0030125/tc_nm/tech_virus_dc
>
> "SEATTLE (Reuters) - Bank of America Corp. said on
> Saturday that customers at a majority of its 13,000
> automatic teller machines were unable to process
> customer transactions after a malicious computer worm
> nearly froze Internet traffic worldwide."
>
> Richard M. Smith
> http://www.ComputerBytesMan.com
>
> -----Original Message-----
> From: Jason Coombs [mailto:jasonc@...ence.org]
> Sent: Saturday, January 25, 2003 4:41 PM
> To: Jay D. Dyson; Bugtraq
> Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
>
... snip ....
>
> As of now we don't know who wrote the worm, but we do know that it looks
> like a concept worm with no malicious payload. There is a good argument
> to
> be made in favor of such worms. Whomever did write this worm could have
> done
> severe damage beyond unfocused DDoS and chose not to do so. One would
> expect
> intelligence agencies in developed countries to write and release
> precisely
> this type of concept worm as a form of mass inoculation against
> malicious
> attacks.
... snip ...
> Sincerely,
>
> Jason Coombs
> jasonc@...ence.org
Powered by blists - more mailing lists