lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.50L0.0308120727580.19866-100000@cia.zemos.net>
From: booger at unixclan.net (security snot)
Subject: aside:  worm vs. worm?

Darren,

Had this worm been directed at any opensource vendor, would you feel the
same?  If the Snort worm had been designed to launch attacks against
SourceFire, are you telling me you wouldn't bitch about the mean kids
picking on Marty and Brian?

My guess is this worm was written by Max Butler.

-snot

-----------------------------------------------------------
"Whitehat by day, booger at night - I'm the security snot."
- CISSP / CCNA / A+ Certified - www.unixclan.net/~booger/ -
-----------------------------------------------------------

On Tue, 12 Aug 2003, Darren Reed wrote:

> In some mail from Andrew J Homan, sie said:
> >
> > It seems that between the time dcom.c first starting popping up around
the
> > internet and today, there was ample time for someone to write and
release a
> > worm designed to patch infected systems and remove any sign of itself.
> > Given that on the 16th of this month windowsupdate.com will be DDOSed,
does
> > anyone else see this as an opportunity for a war of worms with
> > windowsupdate.com at stake?  Would anyone consider releasing a patching
> > worm on their own network if they knew it wouldn't spread to the rest of
> > the internet or is there a downside to this notion which I'm not
realizing?
>
> You know, if the DDoS was targetted at someone innocent, I might be
> more sympathetic towards the problem of a web site being DDoS'd.
>
> But it's Microsoft's own web site that is being targeted and it is
> through their own bug that it is being made possible.  As much as
> they would like to point the finger at others for making the code
> available to do it, if their software didn't have the bug, it would
> not be possible it all.  Hrm, I don't really want to start _THAT_
> discussion again, but I don't think you will find much, if any,
> sympathy for Microsoft being targetted by this worm.  They're a
> large, rich, monopoly of a company.  Do they really deserve any
> nice sympathy at all ?  I suspect I'm not alone in these feelings.
>
> Darren
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ