[<prev] [next>] [day] [month] [year] [list]
Message-ID: <f26bc1930704180658k411fc011me7c1f19044b36e6c@mail.gmail.com>
Date: Wed, 18 Apr 2007 16:58:58 +0300
From: "Zed Qyves" <zqyves.spamtrap@...il.com>
To: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: MS DNS worm
Hello Geo,
According to Symantec Blog "W32.Rinbot.BC" was the first worm to
incorporate the DNS exploit in its spreading methods.
Furthermore "W32.Rinbot.BC opens a back door that connects to the
x.rofflewaffles.us domain and awaits for commands from the attacker."
Is this something your customer is experiencing?
Z.
--
---------------------------------------------------------------------
Κρέων
ἐν τῇδ᾽ ἔφασκε γῇ· τὸ δὲ ζητούμενον
ἁλωτόν, ἐκφεύγειν δὲ τἀμελούμενον.
Οιδίπους Τύρρανος [110]
---------------------------------------------------------------------
Creon
In this our land, so said he, those who seek Shall find; unsought, we
lose it utterly.
Oedipus Rex [110]
---------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists