| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030812225927.GA1502@kavado> From: shaddai at nerim.net (Reveret Julien) Subject: Windows Dcom Worm planned DDoS On Tue, Aug 12, 2003 at 07:02:37PM +0200, Sebastian Niehaus wrote: > > And, of course, if MS started messing with the DNS entries for > > windowsupdate.com, it would be cutting an awful lot of users off from > > much needed updates. which could be as disturbing as the rest of the > > worm's effects... > > Could be a nice feature of a worm to modify the "hosts" file and > prevent infected maschines to do DNS lookups. Interesting concept :) > Users typing "www.microsoft.com" into their browsers could be tricked > into downloading stuff from hostile servers and the "windows update" > could be disabeled easily. What if someone shutdowns the server ? I think a worm could be more efficient by disabling windowsupdate.com (ptr to 127.0.0.1), preventing users from patching easily their system. > This probably istn't a new concept, eh? I don't know. -- We are the knights who say echo '16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlbxq'|dc -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030813/be78b2fb/attachment.bin
Powered by blists - more mailing lists