[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [inbox] Re: [Full-Disclosure] Re: DoomJuice.A, Mydoom.A source code

To: "'Frank Knobbe'" <frank@knobbe.us>, <full-disclosure@lists.netsys.com>
Subject: RE: [inbox] Re: [Full-Disclosure] Re: DoomJuice.A, Mydoom.A source code
From: "Curt Purdy" <purdy@tecman.com>
Date: Tue, 10 Feb 2004 12:01:26 -0600

Frank Knobbe wrote:
<snip>
> As for the code, have you tried catching the bug with a honeypot? I
> heard of people using netcat listening on port 3127 to catch
> the bug...

An easy alternative would be to catch the MyDoom.A virus (just kill you AV
and open a few emails), then DoomJuice will kindly drop the source for
MyDoom.A on you're box.

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Re: DoomJuice.A, Mydoom.A source code
  - From: Frank Knobbe <frank@knobbe.us>

Prev by Date: [Full-Disclosure] new security patches posted on Microsoft
Next by Date: [Full-Disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
Previous by thread: Re: [Full-Disclosure] Re: DoomJuice.A, Mydoom.A source code
Next by thread: [Full-Disclosure] Re: Re: DoomJuice.A, Mydoom.A source code
Index(es):
- Date
- Thread