lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3F5281CE.2040208@alfray.com>
From: ralfml at alfray.com (Ralf)
Subject: DCOM/RPC story (Analogy)

madsaxon wrote:
> Assuming that he is, in fact, responsible.  If I wanted
> to release a worm and blame someone else for it, the first thing
> I'd do is pick out some basically clueless kiddie who's been

Sure but then why wasn't the original version doing so?
Why limiting the target to one script kiddie and letting him have a 
backdoor control over it?
Why contacting only one IP? Given the expected spread of the worm, 
contacting one sole site would almost be similar to DDoSing yourself in 
the foot.

What you suggest is almost as if someone steals a credit card and order 
stons of stuff online and have it delivered at the card's owner home. 
He/she sure would have a lot of trouble proving the bank it was 
fraudulent, but then why would this be done but by someone who knows and 
hates that person?

Yet it's all right. Tracing the original responsible person/group is 
probably so much trouble that authorities will love having someone easy 
to blame.

R/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ