Full Disclosure mailing list archives
[Full-Disclosure] Re: Contents of Full-disclosure digest
From: Valmont vbamont <valmont27 () yahoo com>
Date: Wed, 13 Aug 2003 16:57:45 -0700 (PDT)
micro$ have its group of software genius to do junkware.. open source is free speech.. M$ is goin down as people are getting more smarter each day and he cant catch us all..
Today's Topics: 1. Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) (Jeremiah Cornelius) 2. Upcoming MS chat (John Sec) 3. Re: smarter dcom worm (Jeremiah Cornelius) 4. next blaster variant on its way (Brown, Bobby (US - Hermitage)) 5. Microsoft MCWNDX.OCX ActiveX buffer overflow (Tri Huynh) 6. new msblaster on the loose? (David Vincent) 7. RE: windowsupdate.com (Turk, Anthony) 8. Re: windowsupdate.com (KF) 9. Re[2]: [Full-Disclosure] MSBLASTER - aka LOVESAN/POZA ? (Geysap) 10. Re: Windows Dcom Worm Killer (r1an () hush ai) 11. Cisco Security Advisory: CiscoWorks Application Vulnerabilities (Cisco Systems Product Security Incident Response Team) 12. Denial of Service Vulnerability in NFS on IRIX (SGI Security Coordinator) 13. Re: new msblaster on the loose? (Person) 14. Re: Microsoft MCWNDX.OCX ActiveX buffer overflow (Thor Larholm) 15. Administrivia: List Contact Changes (Len Rose) 16. RE: smarter dcom worm (gml) 17. RE: dobble-clicking msblast.exe (gml) 18. RE: smarter dcom worm (gml) 19. RE: recent RPC/DCOM worm thought (Kerry Steele) 20. OpenBSD protect windows update ? (D B) 21. RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) (Joey) 22. Re: [Dshield] new msblaster on the loose? (John Sage) 23. (forw) [f0x () squirrelsoup net: Re: [Full-Disclosure] windowsupdate.com] (Gabe Arnold) 24. Re: windowsupdate.com (Felipe Scuciatto dos Santos) 25. Firewalls (Geo.) 26. Re: windowsupdate.com (Laurent LEVIER) 27. Re: Vulnerability Disclosure Debate (Ben Laurie) 28. FW: [Full-Disclosure] smarter dcom worm (Bassett, Mark) 29. Re: Windows Dcom Worm Killer (w g) --__--__-- Message: 1 From: Jeremiah Cornelius <jeremiah () nur net> To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Date: Wed, 13 Aug 2003 09:06:25 -0700 <SNIP>Just to pile on...http://www.eweek.com/article2/0,3959,1200038,00.asp"The federal government last week awarded a $90million contract toMicrosoft Corp. to provide the Department ofHomeland Security withdesktop and server software." Tax dollars at work...<SNIP> In the trainwreck clusterfrag against Jeffersonian Democracy that is DHS, one can only be glad that they are stuck with M$ junkware. I wouldn't want Stassi using good software either... -- Jeremiah Cornelius, CISSP, CCNA, MCSE Information Security Technology email: jcorneli () hotmail com - mobile: 415.235.7689 "What would be the use of immortality to a person who cannot use well a half hour?" --Ralph Waldo Emerson --__--__-- Message: 2 From: "John Sec" <john_sec_lists () hotmail com> To: full-disclosure () lists netsys com Date: Wed, 13 Aug 2003 16:32:57 +0000 Subject: [Full-disclosure] Upcoming MS chat I thought some of you might want to participate in this one: August 18: Chat with a Microsoft executive about the Blaster worm - Discussion on Trustworthy Computing and security at Microsoft with Security Business Unit Vice President Mike Nash. Come with your questions on security products, initiatives and issues for Mike.
http://www.microsoft.com/technet/treeview/?url=/technet/itcommunity/chats/
_________________________________________________________________
Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail --__--__-- Message: 3 From: Jeremiah Cornelius <jeremiah () nur net> To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] smarter dcom worm Date: Wed, 13 Aug 2003 09:36:10 -0700 On Tuesday 12 August 2003 04:51 pm, Marc Maiffret wrote: <SNIP>You are correct in that "this worm sucks" but Ithink you could moreeloquently put it as "this is probably the biggestpile of shit gluedtogether crap ass excuse for a worm" that I'veever seen. >:-] That is NOTto say it is not being affective and damagingthough. It is definitely abad one.<SNIP> Thanks for getting this out there, Marc! I have been trying to indicate to victims in my customer base that they should be glad that this first round is a bit of a hassle, but maybe a blessing for them, because the worm is junk code - just short of a dud. Hey! Free, unscheduled assessment! We will undoubtably see a transition to a more robust transport and exploit code, coupled with a more threatening payload - like the Code Red / Nimda transition in 2001. I am afraid that the number of vectors will go up, though. All the port-blocks and ACLs that drop Blaster will be conveniently avoided for the next wave here. Anyone who cherry-picked symptomatic approaches over a holistic application of depth defenses are still going to be hit - and they'll wonder just how it could have happened again! -- Jeremiah Cornelius, CISSP, CCNA, MCSE Information Security Technology email: jcorneli () hotmail com - mobile: 415.235.7689 "What would be the use of immortality to a person who cannot use well a half hour?" --Ralph Waldo Emerson --__--__-- Message: 4 From: "Brown, Bobby (US - Hermitage)" <bobbrown () deloitte com> To: full-disclosure () lists netsys com Date: Wed, 13 Aug 2003 11:04:31 -0500 Subject: [Full-disclosure] next blaster variant on its
=== message truncated === __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [Full-Disclosure] Re: Contents of Full-disclosure digest Valmont vbamont (Aug 13)