[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] DCOM/RPC story (Analogy)
- To: Steven Fruchter <steven_fruchter@xxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] DCOM/RPC story (Analogy)
- From: ww@xxxxxxxx
- Date: Sun, 31 Aug 2003 18:31:23 -0400
On Sun, Aug 31, 2003 at 12:19:35PM -0700, Steven Fruchter wrote:
> That is completely moronic to act as if he did not do anything but just
> hex edit the code and change the name for example on the .exe . He also
> like a moron had the infected drones contact his website (which he is
> registered to) so that he can see who has been infected to control them.
> This means that he had more than just wanting to change the name of an
> .exe for example, it shows his intent.
I was not aware of this. Yes, it changes the scenario somewhat:
it mitigates the amount of "damage" of that could be caused by
the worm if he had just changed some text strings.
Consider: all drones controlled by a single entity or drones
controlled by multiple uncoordinated entities. Which has the
greatest potential for, say, a coordinated DDOS attack?
Of course distrupting the worm's control mechanism probably
wasn't his intent. So maybe he's a bit misguided but mostly
harmless.
> Regardless of what he did or didn't do, he will
> probably get the blame of the entire thing
Trial by media anyone?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html