lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <002901c44f1e$0c825de0$c700a8c0@wfs.com>
From: mr.bill.bilano at email.server.unix.bill.bilano.biz (Billy B. Bilano)
Subject: Possible First Crypto Virus Definitely Discovered!

Hi Sean!

I have given up on this news group for the time being as everybody was
sending me hate mail because of my virus report and calling me nasty names
(like "troll"). LOL! And I can run quite fast, thank you very much!

I wound up blocking port 443 inbound and outbound on the firewall to stop
the spread of the virus! It seems to have worked but now we are facing
bigger problems! None of our bank customers can get into the system any
more! They click the "login" button and it just gives them a "page not
found" error. Oddly enough it works from inside the office but not outside!
(I can't test since I bank with the other place) Nobody in the office seems
to be able to buy anything from websites. I can't even get into our CDW
account to buy more floppy disks!

Since you can't get rid of a virus like this we are going to get rid of the
Windows! The CEO told me to get rid of the virus and get the servers back up
at whatever the cost! So now that I have a blank check I am going to do
what's right and go BIG IRON! I am putting in the PO for four loaded Sunfire
6800's to replace our two dual Xeon Windows web servers. Since the site is
already written in JAVA it should be no problem since Suns run the JAVA in
hardware!

I am a little concerned because Sun calls these mid-range servers and Dell
calls our dual Xeon servers "high-end", but Sun's web sites assures me they
are good for "financial services" in they Key Industries list -- and we're a
bank so that's us! Just in case, I am buying two extra 6800's so we'll have
four web servers instead of two! I sure hope they are good enough...

I am sure these will be much better in terms of security though as Sun is
putting a Canary in them to stop buffer overflows! Just like the old days in
the mine shafts! The XOR is protected, too, from what I understand. So with
these we wont have to worry about the w32.ssl.bs!

P.S. Don't forget to check my bloglog! <http://www.bilano.biz/>

--------
Mr. Billy B. Bilano, MSCE, CCNA
<http://www.bilano.biz/>
Expert Sysadmin Since 2003!
'C:\WINDOWS, C:\WINDOWS\GO, C:\PC\CRAWL'  -- RMS


----- Original Message ----- 
From: "Sean Crawford" <sean01@...net.com.au>
To: <full-disclosure@...ts.netsys.com>
Sent: Thursday, June 10, 2004 9:35 AM
Subject: RE: [Full-Disclosure] Possible First Crypto Virus Definitely
Discovered!


> Does anyone keep track of the record number of bites in a thread to a
> Trolling run...this would have to be close to a record...
>
> A rather successful fishing trip Bilano....what's the catch weigh in
as??...
>
>
> --> Angoitia
> -->
> --> dont feed the clown!
> -->
> -->
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ