Full Disclosure mailing list archives
Re: Windows Dcom Worm planned DDoS
From: Reveret Julien <shaddai () nerim net>
Date: Wed, 13 Aug 2003 00:59:27 +0200
On Tue, Aug 12, 2003 at 07:02:37PM +0200, Sebastian Niehaus wrote:
And, of course, if MS started messing with the DNS entries for windowsupdate.com, it would be cutting an awful lot of users off from much needed updates. which could be as disturbing as the rest of the worm's effects...Could be a nice feature of a worm to modify the "hosts" file and prevent infected maschines to do DNS lookups.
Interesting concept :)
Users typing "www.microsoft.com" into their browsers could be tricked into downloading stuff from hostile servers and the "windows update" could be disabeled easily.
What if someone shutdowns the server ? I think a worm could be more efficient by disabling windowsupdate.com (ptr to 127.0.0.1), preventing users from patching easily their system.
This probably istn't a new concept, eh?
I don't know. -- We are the knights who say echo '16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlbxq'|dc
Attachment:
_bin
Description:
Current thread:
- Re: Windows Dcom Worm planned DDoS, (continued)
- Re: Windows Dcom Worm planned DDoS Franky Van Liedekerke (Aug 12)
- Re: Windows Dcom Worm planned DDoS Jeremiah Cornelius (Aug 12)
- RE: Windows Dcom Worm planned DDoS Nick FitzGerald (Aug 12)
- Re: Windows Dcom Worm planned DDoS Matthew Murphy (Aug 12)
- Re: Windows Dcom Worm planned DDoS Valdis . Kletnieks (Aug 13)
- Re: Windows Dcom Worm planned DDoS Max Valdez (Aug 15)
- Re: Windows Dcom Worm planned DDoS Valdis . Kletnieks (Aug 16)
- Re: Windows Dcom Worm planned DDoS martin f krafft (Aug 12)
- Re: Re: Windows Dcom Worm planned DDoS Sebastian Niehaus (Aug 13)
- Windows Dcom Worm Killer w g (Aug 13)
- Re: Windows Dcom Worm Killer Joey (Aug 13)
- Re: Windows Dcom Worm Killer Nick FitzGerald (Aug 13)
- Re: Windows Dcom Worm Killer and source code w g (Aug 13)
- RE: Windows Dcom Worm planned DDoS Chris Eagle (Aug 14)
- DDos counter measures Laurent LEVIER (Aug 14)
- Re: DDos counter measures Nick FitzGerald (Aug 14)