[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] recent RPC/DCOM worm thought

To: "'full-disclosure@lists.netsys.com'" <full-disclosure@lists.netsys.com>
Subject: [Full-Disclosure] recent RPC/DCOM worm thought
From: "Eichert, Diana" <deicher@sandia.gov>
Date: Wed, 13 Aug 2003 06:42:03 -0600

I've been thinking about how "poorly" this worm was 
written and how it really wasn't very malicious, just 
very time consuming, forcing people/companies to 
install patches to their systems.

Now here's an alternative thought about it.

What if "someone" purposely wrote this worm to get 
the attention of people to patch their systems, not 
to DOS the mickeysoft upgrade site.  If they really 
wanted to create a DOS against a website they wouldn't 
have postponed it for 4 days.  That's a long time in 
today's world.

I mean if you were mickeysoft and there was a known 
security hole wouldn't it be in you best interest to 
have the first real exploit of it be relatively benign?
It gets everyone's attention and they are forced to 
install the latest security patch.

anyway, my US$.02 worth

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] recent RPC/DCOM worm thought
  - From: "Mike buRdeN" <burden@burden.cc>

Prev by Date: RE: [Full-Disclosure] aside: worm vs. worm?
Next by Date: Re[2]: [Full-Disclosure] PacBell Internet blocked port 135
Prev by thread: RE: [Full-Disclosure] windowsupdate.com
Next by thread: Re: [Full-Disclosure] recent RPC/DCOM worm thought
Index(es):
- Date
- Thread