Full Disclosure mailing list archives
RE: Windows Dcom Worm planned DDoS
From: "Chris Eagle" <cseagle () redshift com>
Date: Tue, 12 Aug 2003 04:30:47 -0700
The IP is not hard coded. It does a lookup on "windowsupdate.com" Chris -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of Andrew Thomas Sent: Tuesday, August 12, 2003 3:00 AM To: bugtraq () securityfocus com; full-disclosure () lists netsys com Subject: [Full-disclosure] Windows Dcom Worm planned DDoS Hi, The examinations of the code so far indicate that the worm is coded to DoS the windowsupdate site from the 15th of August onwards through the end of the year. I haven't seen anything mentioning whether or not the IP is hardcoded. If not, shouldn't Microsoft just set the forward resolve to 127.0.0.1 for a period of time? That will probably save many, many $'s of wasted traffic. -- Andrew G. Thomas Hobbs & Associates Chartered Accountants (SA) (o) +27-(0)21-683-0500 (f) +27-(0)21-683-0577 (m) +27-(0)83-318-4070 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Windows Dcom Worm planned DDoS Andrew Thomas (Aug 12)
- RE: Windows Dcom Worm planned DDoS Chris Eagle (Aug 12)
- RE: Windows Dcom Worm planned DDoS Andrew Thomas (Aug 12)
- Re: [normal] RE: Windows Dcom Worm planned DDoS opticfiber (Aug 12)
- Re: [normal] RE: Windows Dcom Worm planned DDoS martin f krafft (Aug 12)
- Re: [normal] RE: Windows Dcom Worm planned DDoS martin f krafft (Aug 12)
- RE: Re: [normal] RE: Windows Dcom Worm planned DDoS Marc Maiffret (Aug 12)
- RE: Windows Dcom Worm planned DDoS Andrew Thomas (Aug 12)
- Re: [normal] RE: Windows Dcom Worm planned DDoS James Greenhalgh (Aug 12)
- Re: [normal] RE: Windows Dcom Worm planned DDoS morning_wood (Aug 12)
- RE: Windows Dcom Worm planned DDoS Chris Eagle (Aug 12)
- RE: Windows Dcom Worm planned DDoS Andrew Thomas (Aug 12)
- Re: Windows Dcom Worm planned DDoS Franky Van Liedekerke (Aug 12)