lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040323030702.VRRQ323940.fep04-mail.bloor.is.net.cable.rogers.com@BillDell>
From: full-disclosure at royds.net (Bill Royds)
Subject: When do exploits get used?

My daughter had to re-install part of Windows XP from CD because of some
disk problems. She forgot to take the machine off the Internet while doing
it and was infected immediately by MSBlaster as soon as the CD restored some
older DLL code.
   I wonder if anyone has actually newly connected to the Internet in the
last 6 months. Anybody buying a new XP computer that has a network
connection will be infected by MSBlaster and find their machines almost
unusable. People on this list would probably know how to disable the reboot
for RPCS using the Service manager, but most home users would have no idea
how to fix the problem. I wonder how many computers are sitting there
rebooting every few minutes because of blaster and no one knows what to do

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Luke Scharf
Sent: March 22, 2004 5:32 PM
To: Jay Beale
Cc: Paul Schmehl; full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] When do exploits get used?

On Mon, 2004-03-22 at 17:13, Jay Beale wrote:
> You may find this discussion academic.  But the exploit writers and the 
> worm writers are getting faster.  And that's what should scare us into 
> moving beyond patches.  That's what should get us moving to better 
> network and host configurations.  That's what should get us to evaluate 
> patching as, at most, the easy, but most critical, 50%.

I would say that we could all agree that not patching is a recipe for
disaster -- and that it's very easy to keep up to date. 

But, my 90% figure comes from the accidental plugging of unpatched
Windows machines into the open network.  Every time I do that, the
machine is running msblast in a few minutes.  And as near as I tell,
it's not my machines that are doing it (except for that one unpatched
machine that I spend an hour rebuilding)...

-Luke

-- 
Luke Scharf, Systems Administrator
Virginia Tech Aerospace and Ocean Engineering

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ