lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <006101c4875e$390a52f0$0500a8c0@pc01>
From: fulldisclosure at wateraxe.demon.nl (fulldisclosure@...eraxe.demon.nl)
Subject: The 'good worm' from HP

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I really don't KNOW what HP is doing, but I would assume that it's
just a 'product' and not a worm. Meaning, you can probably setup 1
system on your network that scans a specified range (for example only
your workstations if you're worried about your servers getting
autopatched). So any machines that are somehow not picked up by your
normal patch management system (maybe it's not a member of your
domain ..) will still get patched. I also assume they will not
'infect' any machines to use them to scan further (ie worm
behaviour). I'm not saying this is all good or bad, but I was reading
this thread and it seems you are all expecting HP to just let this
loose on the internet.

Allan


[snip]

I hope the HP folk have read it and thought very carefully about all 
this...  (Sadly the media reports are too "light and fluffy" to make 
anything sensible of what HP is really proposing.)
[/snip]



- - -- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQScQtpNqa4mRthN9EQL1lwCfb594IT8yK46290dA7VGw1Gw/YcQAn0O3
16uV3oCHHymuvCGUqHPoY4uc
=+HGg
-----END PGP SIGNATURE-----



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ