lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3F6B26BA.3020909@well.com>
From: caferace at well.com (J. Race)
Subject: Web counter in the new Swen/Gibe.F worm

The counter wasn't necessarily a good indication of infected hosts. Who 
knows what they started it as? Seeing as how it wasn't that hard to 
find, it could have been a low-grade publicity stunt. It could have been 
done in a far more stealthy manner.

-jim

security@...arr4.dnsalias.net wrote:

> It's a shame the counter was replaced, this gave us a good idea of how
> many hosts were infected and could reveal real numbers of the rate of
> infection - I'm still recieving these emails, over 100 overnight.
> 
> Maybe the admins of vutbr.cz would open their web logs to give us more
> accurate information about the point of origin and rate of spread.
> 
> If anyone wants the numbers I collected (I have data from the 18th at
> 13:56 through 4:30am today) I'd be happy to provide them.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ