| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200308071733.h77HXuPp006651@turing-police.cc.vt.edu> From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Red Bull Worm On Thu, 07 Aug 2003 11:47:48 CDT, Brian Eckman <eckman@....edu> said: > Pardon me if I am just plain ignorant, but where is this worm, and how > on earth is it "more effective than Code Red ever was" already if nobody > is talking about it? The only evidence of a worm I have seen is one > person showing comments supposedly from source code of some program > calling itself a worm... The monitors at www.dshield.org *are* showing a slight rise in port 445 and 135 events, and there's been a lot of chatter about widespread exploits. On the other hand, I've not seen any firm evidence it's made the jump from "scanner/ exploit tool" to worm - there's certainly no CodeRed-sized spike in the monitors (*YET* - if the worm has a slow first-phase deployment, things could get interesting later this week).. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030807/a980f7fd/attachment.bin
Powered by blists - more mailing lists