lists.openwall.net
Open Source and information security mailing list archives
From: mr.bill.bilano at email.server.unix.bill.bilano.biz (Billy B. Bilano)
Subject: Possible First Crypto Virus Definitely Discovered!

Hi Sean!

I have given up on this news group for the time being as everybody was
sending me hate mail because of my virus report and calling me nasty names
(like "troll"). LOL! And I can run quite fast, thank you very much!

I wound up blocking port 443 inbound and outbound on the firewall to stop
the spread of the virus! It seems to have worked but now we are facing
bigger problems! None of our bank customers can get into the system any
more! They click the "login" button and it just gives them a "page not
found" error. Oddly enough it works from inside the office but not outside!
(I can't test since I bank with the other place) Nobody in the office seems
to be able to buy anything from websites. I can't even get into our CDW
account to buy more floppy disks!

Since you can't get rid of a virus like this we are going to get rid of the
Windows! The CEO told me to get rid of the virus and get the servers back up
at whatever the cost! So now that I have a blank check I am going to do
what's right and go BIG IRON! I am putting in the PO for four loaded Sunfire
6800's to replace our two dual Xeon Windows web servers. Since the site is
already written in JAVA it should be no problem since Suns run the JAVA in
hardware!

I am a little concerned because Sun calls these mid-range servers and Dell
calls our dual Xeon servers "high-end", but Sun's web site assures me they
are good for "financial services" in their Key Industries list -- and we're a
bank so that's us! Just in case, I am buying two extra 6800's so we'll have
four web servers instead of two! I sure hope they are good enough...

I am sure these will be much better in terms of security though as Sun is
putting a Canary in them to stop buffer overflows! Just like the old days in
the mine shafts! The XOR is protected, too, from what I understand. So with
these we won't have to worry about the w32.ssl.bs!

P.S. Don't forget to check my bloglog! <http://www.bilano.biz/>

--------
Mr. Billy B. Bilano, MSCE, CCNA
<http://www.bilano.biz/>
Expert Sysadmin Since 2003!
'C:\WINDOWS, C:\WINDOWS\GO, C:\PC\CRAWL'  -- RMS


----- Original Message ----- 
From: "Sean Crawford" <sean01@...net.com.au>
To: <full-disclosure@...ts.netsys.com>
Sent: Thursday, June 10, 2004 9:35 AM
Subject: RE: [Full-Disclosure] Possible First Crypto Virus Definitely
Discovered!


> Does anyone keep track of the record number of bites in a thread to a
> Trolling run...this would have to be close to a record...
>
> A rather successful fishing trip Bilano....what's the catch weigh in
> as??...
>
>
> --> Angoitia
> -->
> --> dont feed the clown!
> -->
> -->
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

