Message-ID: <200401290432.i0T4W3b09233@singularity.tronunltd.com>
From: Ian.Latter at mq.edu.au (Ian Latter)
Subject: alleged bios infection - was Re: OpenBSD 'pf' port (was FreeBSD heap to Linux)
Juari,
You were right, that was a time waster, but you're fishing with that
comment.
If you have the time to talk shop, then I'd like to ask about your virus
findings. You appear to have gone to a lot of trouble to debug
this virus but you've left out some fairly critical information;
> It was also unknown that the virus infects the BIOS of the computer it
> infects by injecting a 624 bytes backdoor written in FORTH which will open
> port tcp when Mydoom will be executed AFTER February 12.
1. Which TCP port does it listen on?
2. Which BIOS (or motherboard) is this likely to occur on? (hard one -
what instructions does it use to enable write to the chip - the
LinuxBIOS project should then help me find the boards that this
will affect).
Whether my anti-virus company wants me to wear this or not, I'd
like to minimise the impact of any vulnerability that you may be able
to identify in this regard.
Thanks for your time,
----- Original Message -----
>From: "Juari Bosnikovich" <juarib@...et.arbornet.org>
>To: "Ian Latter" <itsecurity@...edu.au>
>Subject: Re: [Full-Disclosure] OpenBSD 'pf' port (was FreeBSD heap to Linux)
>Date: Wed, 28 Jan 2004 21:36:23 -0500
>
>
>
> On Thu, 29 Jan 2004, Ian Latter wrote:
>
> >
> > > Human-readable syntax.
> > >
> > > Lucid syntax is an indispensable security measure. Errors should be GLARING
> > > and obvious!
> >
> > Ok - Fair enuff.
> >
> > Though there's nothing quite as obvious as a new home page painted
> > by your fav' 1337 cr3w to show holes in firewall rules ;o]
>
> you have a lot of free time to say useless things
> my monkey once told me "why oh why do you keep doing it".
> the thing with monkeys is you only have to give them a banana to make them
> shut up.
>
> > --
> > Ian Latter
> > IT Security Officer
> > Macquarie University
>
>
--
Ian Latter
Internet and Networking Security Officer
Macquarie University
Meet me at the Australian Unix and open systems
User Group (AUUG) Security Symposium; 2004
http://www.auug.org.au/events/2004/security/