| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200308130506.h7D56336006588@techmonkeys.org> From: wcc at techmonkeys.org (Wcc) Subject: Windows Dcom Worm planned DDoS > -----Original Message----- > From: full-disclosure-admin@...ts.netsys.com > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of > Andrew Thomas > Sent: Tuesday, August 12, 2003 6:00 AM > To: bugtraq@...urityfocus.com; full-disclosure@...ts.netsys.com > Subject: [Full-Disclosure] Windows Dcom Worm planned DDoS > > Hi, > > The examinations of the code so far indicate that the worm is > coded to DoS the windowsupdate site from the 15th of August > onwards through the end of the year. > > I haven't seen anything mentioning whether or not the IP is > hardcoded. If not, shouldn't Microsoft just set the forward > resolve to 127.0.0.1 for a period of time? > > That will probably save many, many $'s of wasted traffic. True, and if the IP is hardcoded, then the machine can just be assigned new IPs (and the others nulled), and operation would continue as normal. > -- > Andrew G. Thomas > Hobbs & Associates Chartered Accountants (SA) > (o) +27-(0)21-683-0500 > (f) +27-(0)21-683-0577 > (m) +27-(0)83-318-4070 Wcc
Powered by blists - more mailing lists