lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <107A63CDD8FCD511BA9F0050BAB07BA82DEC16@NHEX1101>
From: arjen.de.landgraaf at cologic.co.nz (Arjen De Landgraaf)
Subject: [sean@...elan.com: Symantec detected Slamme
	r worm "hours" before]

E-Secure-IT's first decision to put out a Red Alert on port 1434 was 
on Saturday, January 25, 2003 10:19:12 PM New Zealand Daylight Time 

This red alert was based on a  number of conversations at the Nanog list. 
We started to monitor the actual effect some three hours before on 
our networks, around 19:00 New Zealand time 

New Zealand is 12 hours ahead of GMT, so subtract some 18 hours for USA.

Arjen
E-Secure-IT
www.e-secure-it.us



-----Original Message-----
From: Rick Updegrove (security) [mailto:security@...egrove.net]
Sent: Friday, 14 February 2003 7:23 a.m.
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] [sean@...elan.com: Symantec detected
Slammer worm "hours" before]


----- Original Message -----
From: "Len Rose" <len@...sys.com>
To: <full-disclosure@...ts.netsys.com>
Sent: Thursday, February 13, 2003 9:48 AM
Subject: [Full-Disclosure] [sean@...elan.com: Symantec detected Slammer worm
"hours" before]


> Wow, Symantec is making an amazing claim.  They were able to detect
> the slammer worm "hours" before.  Did anyone receive early alerts from
> Symantec about the SQL slammer worm hours earlier?

The first I heard of SQ_Hell (The first name given it by Geoff Shively of
http://www.pivx.com) was dated Jan 25 2003 7:11AM here:

http://online.securityfocus.com/archive/1/308306/2003-01-24/2003-01-30/2

I don't use symantec products so I wouldn't have gotten any notice from
them.  Someone else will have to verify that their notices went out before
Michael Bacarella's post.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ