lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <BAY9-DAV23Rh303lB5c0007653b@hotmail.com>
From: jbistogood at hotmail.com (Jon)
Subject: Possible First Crypto Virus Definitely Discovered!

Make sure you block port 80 as well, the dreaded w32@....web virus uses this
port. If you see any traffic on there, then chances are you have it.

----- Original Message ----- 
From: "Billy B. Bilano" <mr.bill.bilano@...il.server.unix.bill.bilano.biz>
To: <full-disclosure@...ts.netsys.com>
Sent: Tuesday, June 08, 2004 8:00 PM
Subject: Re: [Full-Disclosure] Possible First Crypto Virus Definitely
Discovered!


> Oliver! Hello!
>
> SSL is the same port as HTTPS ? OMFG then we have a bigger problem than I
> ever imagined!! HOLY SMOKES! I am going to block port 443 right now and I
> urge ALL of you to do the same before this gets out of control!
>
> Also, Oliver, I am sure I am telling you something you don't know, but you
> have a bunch of crypto code that is more then likely a virus at the end of
> your message! In fact, you are so infected, that it seems the crypto code
is
> longer then the entire message you sent! This is probably how it spreads!
I
> saw a couple of other people on this thing already that had this same
> symptom.
>
> Good luck, everybody! I hope we can cleanse our systems of this 443 virus!
>
> --------
> Mr. Billy B. Bilano, MSCE, CCNA
> <http://www.bilano.biz/>
> Expert Sysadmin Since 2003!
> 'C:\WINDOWS, C:\WINDOWS\GO, C:\PC\CRAWL'  -- RMS
>
>
>
> ----- Original Message ----- 
> From: "Oliver Welter" <mail@...wel.de>
> To: <full-disclosure@...ts.netsys.com>
> Cc: "Billy B. Bilano" <mr.bill.bilano@...il.server.unix.bill.bilano.biz>
> Sent: Tuesday, June 08, 2004 12:43 PM
> Subject: Re: [Full-Disclosure] Possible First Crypto Virus Definitely
> Discovered!
>
>
> > hi Guys,
> >
> > I'm new to the list, so hello first ;)
> > I really dont know if you are just kidding or if I missunderstod your
> > post...
> > Port 443 is the SecureHTTP protocol (https) - so it is correct that it
> > is bound to a webserver process and it is correct that SSL-encryptet
> > traffic goes in and out - so whats the matter ?
> >
> > Oliver
> > -- 
> > Diese Nachricht wurde digital unterschrieben
> > oliwel's public key: http://www.oliwel.de/oliwel.crt
> > Basiszertifikat: http://www.ldv.ei.tum.de/page72
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ