lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <002001c35d06$9f15d160$0100a8c0@cp30f99b0ae7a6>
From: cheekypeople at sec33.com (CHeeKY)
Subject: Red Bull Worm

I say CloseButNoCigar"


-------------------------------------------------------------------------
FIGHT BACK AGAINST SPAM!
Download Spam Inspector, the Award Winning Anti-Spam Filter
http://mail.giantcompany.com


----- Original Message ----- 
From: "Berend-Jan Wever" <SkyLined@...p.tudelft.nl>
To: <full-disclosure@...ts.netsys.com>
Sent: Thursday, August 07, 2003 5:18 PM
Subject: Re: [Full-Disclosure] Red Bull Worm


> Why not call it SkyNet, after T3 ?
>
> SkyLined
> ----- Original Message ----- 
> From: "Joel R. Helgeson" <joel@...geson.com>
> To: <full-disclosure@...ts.netsys.com>
> Sent: Thursday, August 07, 2003 17:53
> Subject: [Full-Disclosure] Red Bull Worm
>
>
> > Lets see, the last big worm to exploit windows was named Code Red after
> the
> > Mountain Dew Code Red was brought to market.  Being that this worm is
much
> > more effective than Code Red ever was, I say worm should be named Red
Bull
> > as it is sure to exhibit much more energy than the Code Red worm.
> >
> > ---- Original Message ----- 
> > From: "Stephen" <alf1num3rik@...oo.com>
> > To: <full-disclosure@...ts.netsys.com>
> > Sent: Thursday, August 07, 2003 5:25 AM
> > Subject: [Full-Disclosure] DCOM Worm/scanner/autorooter !!!
> >
> >
> > >
> > > Hello here,
> > >
> > > a new worm is on the wild, it uses the exploit
> > > released by k-otik (48 targets -
> > > http://www.k-otik.com/exploits/07.30.dcom48.c.php)
> > >
> > > look this shit :
> > >
> > > /* RPC DCOM WORM v 2.2  -
> > >  * This code is in relation to a specific DDOS IRCD
> > > botnet project.
> > >  * You may edit the code, and define which ftp to
> > > login
> > >  * and which .exeutable file to recieve and run.
> > >  * I use spybot, very convienent
> > >  * -
> > >  * So basicly script kids and brazilian children, this
> > > is useless to you
> > >  *
> > >
> > > So PATCH PATCH PATCH and block the ports 135 - 139
> > > -445 - 593
> > >
> > > Regards.
> > >
> > > Stephen - Germany
> > >
> > > __________________________________
> > > Do you Yahoo!?
> > > Yahoo! SiteBuilder - Free, easy-to-use web site design software
> > > http://sitebuilder.yahoo.com
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.netsys.com/full-disclosure-charter.html
> > >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ