lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <36402DCC1069D411922D00508B5B2CC21E3F2B9E@ex-server1.napier.ac.uk>
From: R.Ferris at napier.ac.uk (Ferris, Robin)
Subject: shout out 4 ...

Thanks for that. I've got a lot of useful info as regards the way this worm
used the network. has any one been able to work out why it goes quiet for
periods of time. I thought it might have been whilst it was replicating but
was not sure. Also does any one know why it seems to scan a single subnet
over and over again? like its stuck in a loop or something?
 
TIA
 
RF

-----Original Message-----
From: John.Airey@...b.org.uk [mailto:John.Airey@...b.org.uk]
Sent: 24 September 2003 13:33
To: R.Ferris@...ier.ac.uk
Subject: RE: [Full-Disclosure] shout out 4 ...


I've seen a short log where Nachia is sending out ICMP packets at the rate
of 100 per second. Is this any use?
- 
John Airey, BSc (Jt Hons), CNA, RHCE 
Internet systems support officer, ITCSD, Royal National Institute of the
Blind, 
Bakewell Road, Peterborough PE2 6XU, 
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 John.Airey@...b.org.uk 

How is it that some people have strongly held beliefs on the contents of the
Bible and the Origin of Species without having read either?

-----Original Message-----
From: Ferris, Robin [mailto:R.Ferris@...ier.ac.uk]
Sent: 23 September 2003 12:18
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] shout out 4 ...


Hi
 
im looking for a detailed sniffer analysis of nachia, I had watched theinfo
flow through this list when it first appeared. However some one has just
asked for some help but specifically from the detailed network sniffer side
of things. 
 
Things like packet sizes, frequency of scans, scan pattersn etc etc
 
TIA
 
RF


- 


NOTICE: The information contained in this email and any attachments is 

confidential and may be legally privileged. If you are not the 

intended recipient you are hereby notified that you must not use, 

disclose, distribute, copy, print or rely on this email's content. If 

you are not the intended recipient, please notify the sender 

immediately and then delete the email and any attachments from your 

system.


RNIB has made strenuous efforts to ensure that emails and any 

attachments generated by its staff are free from viruses. However, it 

cannot accept any responsibility for any viruses which are 

transmitted. We therefore recommend you scan all attachments.


Please note that the statements and views expressed in this email 

and any attachments are those of the author and do not necessarily 

represent those of RNIB.


RNIB Registered Charity Number: 226227


Website: http://www.rnib.org.uk 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030924/535574a0/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ