lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: ISS Security Brief: "MS Blast" MSRPC DCOM Worm
 Propagation (fwd)

"Dennis Heaton" <dennish@...cast.net> wrote:

> On the car radio today I heard that the Maryland Dept. of Motor Vehicles was
> shutdown completely as well as numerous other state and federal agencies in
> the USA.

Wow -- really?

They cannot do _any business whatsoever_ if they cannot expose a  pile 
of crap like MS RPC to the Internet?  Code that MS now openly admits 
should never be exposed to "hostile environments"?  Who was responsible 
for such horrendous mis-design?

Is that monumentally stupid or what?

Or was a case of this type of thing:

   http://vmyths.com/rant.cfm?id=241&page=4

Or was it mis-reporting?


Regards,

Nick FitzGerald

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ