lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: scheidell at secnap.net (Michael Scheidell) Subject: [sean@...elan.com: Symantec detected Slammer worm "hours" before] > > Wow, Symantec is making an amazing claim. They were able to detect > the slammer worm "hours" before. Did anyone receive early alerts from > Symantec about the SQL slammer worm hours earlier? Academics have > estimated the worm spread world-wide, and reached its maximum scanning > rate in less than 10 minutes. It might be possible that they saw some of the initial 'load' traffic, source port 69, or src port 53, dst port udp 1434, but this was mostly some code almost 100% based on the litchfield exploit. (oh, we saw it on December 19th and DID notify several IPS's and have the logs to prove it) -- Michael Scheidell, CEO SECNAP Network Security, LLC Sales: 866-SECNAPNET / (1-866-732-6276) Main: 561-368-9561 / www.secnap.net Looking for a career in Internet security? http://www.secnap.net/employment/
Powered by blists - more mailing lists