[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <001201c36097$69b2f590$6401a8c0@navi>
From: gml at phrick.net (gml)
Subject: aside: worm vs. worm?
In fact, you could probably take that kaht2 source and modify it to drop a
patch payload instead of a Trojan. Please whatever you do, don't write a
worm, we already have enough traffic for the moment ;-)
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Andrew J Homan
Sent: Monday, August 11, 2003 9:55 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] aside: worm vs. worm?
It seems that between the time dcom.c first starting popping up around the
internet and today, there was ample time for someone to write and release a
worm designed to patch infected systems and remove any sign of itself.
Given that on the 16th of this month windowsupdate.com will be DDOSed, does
anyone else see this as an opportunity for a war of worms with
windowsupdate.com at stake? Would anyone consider releasing a patching
worm on their own network if they knew it wouldn't spread to the rest of
the internet or is there a downside to this notion which I'm not realizing?
Andrew J. Homan
Software Engineering Intern
http://www.cnt.com/
NOTE: Views and/or opinions expressed are not those of CNT.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists