lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <001001c360b8$834ee2e0$0101a8c0@gfserver>
From: andrewt at nmh.co.za (Andrew Thomas)
Subject: Windows Dcom Worm planned DDoS

Hi,

The examinations of the code so far indicate that the worm is 
coded to DoS the windowsupdate site from the 15th of August 
onwards through the end of the year.

I haven't seen anything mentioning whether or not the IP is
hardcoded. If not, shouldn't Microsoft just set the forward
resolve to 127.0.0.1 for a period of time?

That will probably save many, many $'s of wasted traffic.

--
Andrew G. Thomas
Hobbs & Associates Chartered Accountants (SA)
(o) +27-(0)21-683-0500
(f) +27-(0)21-683-0577
(m) +27-(0)83-318-4070

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ