Full Disclosure mailing list archives
RE: msblast
From: "gml" <gml () phrick net>
Date: Mon, 11 Aug 2003 19:23:19 -0400
Does anyone know if it somehow disables the ability to use Windows Update features? For some reason I can no longer run windows update, I'm going to look into it. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of harq deman Sent: Monday, August 11, 2003 5:31 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] msblast yawn.. OK.. the worm.. again It scans a randon b class based on the current hosts address it does not kill any AV products or firewalls it does not hide processes, files or network activity from the kernel when it packets windowsupdate.com on the 16th, it spoofs the last 2 octets of the source ip address, and continues to scan D-.. must try harder --harq
Current thread:
- msblast harq deman (Aug 11)
- RE: msblast gml (Aug 11)