[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Mydoom: perfect storm averted or just ahead?

To: Computer Security <c2_protect@hotmail.com>
Subject: Re: [Full-Disclosure] Mydoom: perfect storm averted or just ahead?
From: Roelof Temmingh <roelof@sensepost.com>
Date: Thu, 29 Jan 2004 10:49:23 +0200 (SAST)

> 2.  It would be difficult for a malicious programmer, cyber terrorists or
> cyber activists to target a specific environment and protect others ( Eg.,
> launch denial of service against SCO.com because I like LINUX and don’t like
> SCO legal actions.  Protect my computer at Berkley.edu because I don’t want
> to effect my own Email.)  Programmers can easily modify code and launch an
> attack against another environment.

Not sure I totally agree here. While it is difficult to target a specific
network or system with worm technology it is possible - to an certain
extent at least. Refer to http://www.sensepost.com/misc/bh2003lv.doc for
some ideas on how that could be done. The document describes attacks that
are wide-spread, yet focussed - it was presented at BlackHat, Las Vegas,
2003.

my 1c,
Roelof.

=====================
Roelof Temmingh
roelof@sensepost.com
+27 12 667 4737
GMT+2
=====================


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Mydoom: perfect storm averted or just ahead?
  - From: "Computer Security" <c2_protect@hotmail.com>

Prev by Date: [Full-Disclosure] Mydoom: perfect storm averted or just ahead?
Next by Date: [Full-Disclosure] MyDoom bios infection
Previous by thread: [Full-Disclosure] Mydoom: perfect storm averted or just ahead?
Next by thread: [Full-Disclosure] Microsoft's fix for URL username:password@ obfuscation
Index(es):
- Date
- Thread