[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040609050142.C2C01194E1@gateway.mailvault.com>
From: job317 at mailvault.com (Job 317)
Subject: Possible First Crypto Virus Definitely Discovered!
Thought I might weigh in with a serious comment (although I might regret
it later ;) ).
Any Web hack attack can be sent using the openssl s_client program. You
pipe your attack over an SSL connection to port 443 (or to whatever port
is defined as an SSL port on the victim host).
This has been around for ages. Actually, I am a little surprised in
retrospect that I haven't seen much use of it.
Maybe I took this a little too seriously but this is nothing new.
Job
On 9-Jun-2004 03:00:18 +0200, you wrote:
> We're all feeling a little silly today. This thread has kept me
chuckling all
> day tho. I don't know what's funnier, the tongue-in-cheek replies or
the
> serious ones!
>
>
>
> On Tuesday 08 June 2004 16:06, Picciano, Anthony wrote:
> > Did I pick or weird day to join this maillist, or is it always this
silly?
> >
> > -----Original Message-----
> > From: full-disclosure-admin@...ts.netsys.com
> > [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Micah
> > McNelly
> > Sent: Tuesday, June 08, 2004 4:32 PM
> > To: full-disclosure@...ts.netsys.com
> > Subject: Re: [Full-Disclosure] Possible First Crypto Virus
Definitely
> > Discovered!
> >
> >
> > Greatest post of all time.
> >
> > /me claps.
> >
> > /m
> > ----- Original Message -----
> > From: "Goudie, Derek" <derek.goudie@...thtech.ca>
> > To: <full-disclosure@...ts.netsys.com>
> > Sent: Tuesday, June 08, 2004 1:54 PM
> > Subject: RE: [Full-Disclosure] Possible First Crypto Virus
Definitely
> > Discovered!
> >
> > > Thanks! I needed that....
> > >
> > > -----Original Message-----
> > > From: Jakob Jünger [mailto:krimskram@...enet.de]
> > > Sent: Tuesday, June 08, 2004 1:01 PM
> > > To: full-disclosure@...ts.netsys.com
> > > Subject: Re: [Full-Disclosure] Possible First Crypto Virus
Definitely
> > > Discovered!
> > >
> > > Hi,
> > >
> > > I just can admit to what Billy wrote. The Firewall of my PDA is
getting
> > > hot. It plays "Yellow Submarine" everytime I press the escape-key.
It
> > > has to be something like this crypto-thing. I don't know what
"crypto"
> > > means but it seems to be encrypted with EnglishLanguageProtocol.
> > > Believe me, I have been the administrator of my PDA since I was
three
> > > years old.
> > >
> > > Jakob
> > >
> > > > Whatever ssl is, I don't know but it's using the so-called
"ssl"
> > > > port on the web servers.
> > > >
> > > > But this port 443 is not SSH! Why should it be encrypted? And
what
> > > > is this "ssl" thing? I've been in IT for many years and I am now
IT
> > > > Director here at the bank... I would think that I would know
what
> > > > "ssl" would be. I don't think this worm has anything to do with
> > > > whatever "ssl" is. Does anybody even still use ssl? That's
probably
> > > > why the hackers chose it.
> > > >
> > > >Sorry to say but it is not! I checked my incoming traffic again
this
> > >
> > > morning
> > >
> > > >and the attack on port 443 is still coming in full steam ahead!
I
> > >
> > > don't know
> > >
> > > >what's going on, but I am about to block that port on my
firewall.
> > >
> > > Some
> > >
> > > >nitwit (probably the idiot that was here before I became IT
Director)
> > > >somehow, for some reason, deliberately opened port 443 on the
> > >
> > > firewalls!
> > >
> > > >I am beginning to think that this is the first wave of the new
coming
> > >
> > > global
> > >
> > > >crypto-storm!
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.netsys.com/full-disclosure-charter.html
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Powered by blists - more mailing lists