Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Authorities eye MSBlaster suspect

From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Fri, 29 Aug 2003 14:00:12 -0500
-----Original Message-----
From: Ben Nelson [mailto:lists () venom600 org] 
Sent: Friday, August 29, 2003 11:57 AM
To: morning_wood 
Cc: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Authorities eye MSBlaster suspect


You need to keep in mind that affected != infected.  Many of 
us admins who don't even administrate a single windows box 
were affected by amount of bandwidth consumed by people who 
were infected.  This thing effectively created a denial of 
service on many networks and any host trying to use that 
network (be it an infected windows box or one of my hundreds of unix
boxes) was, at the very least, significantly slowed down.


Sobig did that as well.  Even without a single infection on your
network, the support people were overwhelmed with phone calls and
emails, some mail servers collapsed under the load, technical staff
consumed time looking for workarounds and stopgap measures to keep the
stupid bounce and virus warning messages out.  The cost is enormous,
even without being infected.  And it affects every single user, whether
they were using Windows, *nix or Mac.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: