| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: R.Ferris at napier.ac.uk (Ferris, Robin) Subject: shout out 4 ... Thanks for that. I've got a lot of useful info as regards the way this worm used the network. has any one been able to work out why it goes quiet for periods of time. I thought it might have been whilst it was replicating but was not sure. Also does any one know why it seems to scan a single subnet over and over again? like its stuck in a loop or something? TIA RF -----Original Message----- From: John.Airey@...b.org.uk [mailto:John.Airey@...b.org.uk] Sent: 24 September 2003 13:33 To: R.Ferris@...ier.ac.uk Subject: RE: [Full-Disclosure] shout out 4 ... I've seen a short log where Nachia is sending out ICMP packets at the rate of 100 per second. Is this any use? - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 John.Airey@...b.org.uk How is it that some people have strongly held beliefs on the contents of the Bible and the Origin of Species without having read either? -----Original Message----- From: Ferris, Robin [mailto:R.Ferris@...ier.ac.uk] Sent: 23 September 2003 12:18 To: full-disclosure@...ts.netsys.com Subject: [Full-Disclosure] shout out 4 ... Hi im looking for a detailed sniffer analysis of nachia, I had watched theinfo flow through this list when it first appeared. However some one has just asked for some help but specifically from the detailed network sniffer side of things. Things like packet sizes, frequency of scans, scan pattersn etc etc TIA RF - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030924/535574a0/attachment.html
Powered by blists - more mailing lists