RE: [Full-Disclosure] Possible First Crypto Virus Definitely Disc overed!

["Goudie, Derek" <derek.goudie@xxxxxxxxxxxx>]

Thanks!  I needed that....

-----Original Message-----
From: Jakob Jünger [mailto:krimskram@xxxxxxxxxx] 
Sent: Tuesday, June 08, 2004 1:01 PM
To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Possible First Crypto Virus Definitely
Discovered!

Hi,

I just can admit to what Billy wrote. The Firewall of my PDA is getting
hot. It plays "Yellow Submarine" everytime I press the escape-key. It
has to be something like this crypto-thing. I don't know what "crypto"
means but it seems to be encrypted with EnglishLanguageProtocol.
Believe me, I have been the administrator of my PDA since I was three
years old.

Jakob

> Whatever ssl is, I don't know but it's using the so-called "ssl"
> port on the web servers.

> But this port 443 is not SSH! Why should it be encrypted? And what
> is this "ssl" thing? I've been in IT for many years and I am now IT
> Director here at the bank... I would think that I would know what
> "ssl" would be. I don't think this worm has anything to do with
> whatever "ssl" is. Does anybody even still use ssl? That's probably
> why the hackers chose it.

>Sorry to say but it is not! I checked my incoming traffic again this
morning
>and the attack on port 443 is still coming in full steam ahead! I
don't know
>what's going on, but I am about to block that port on my firewall.
Some
>nitwit (probably the idiot that was here before I became IT Director)
>somehow, for some reason, deliberately opened port 443 on the
firewalls!

>I am beginning to think that this is the first wave of the new coming
global
>crypto-storm!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html