[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] msblast.exe
- To: "''Full-Disclosure'" <full-disclosure@lists.netsys.com>
- Subject: Re: [Full-Disclosure] msblast.exe
- From: Cedric Raguenaud <security@raguenaud.org>
- Date: Tue, 12 Aug 2003 00:58:41 +0100
Has it peaked already? It could be only just me because I only have data
from one of my firewalls at hand, therefore generalisation might be
misguided, but it shows a peak at about 1900 GMT, then a sharp decrease:
http://www.raguenaud-online.org/cedric/dcom/dcom.jpg
It seems consistent with the Symantec preliminary document if I interpret
then correctly, though:
https://tms.symantec.com/members/AnalystReports/030811-Alert-DCOMworm.pdf
It might not live long enough to start DoSing windowsupdate.com at this rate.
Robert Ersoni wrote:
> Here is the latest on this from McAfee and Trend.
>
> http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100547
>
>
> http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSB
> LAST.A
>
>
> Rob.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html