Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

From: "Greg A. Woods" <woods () weird com>
Date: Sat, 25 Jan 2003 22:11:08 -0500 (EST)
[ On Saturday, January 25, 2003 at 18:11:12 (-0500), Richard M. Smith wrote: ]

Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

However, this worm might not be so harmless as it appears because of
collateral damage:

   Bank of America ATMs Disrupted by Virus
 
http://story.news.yahoo.com/news?tmpl=story&ncid=578&e=3&cid=569&u=/nm/2
0030125/tc_nm/tech_virus_dc

   "SEATTLE (Reuters) - Bank of America Corp. said on 
   Saturday that customers at a majority of its 13,000 
   automatic teller machines were unable to process 
   customer transactions after a malicious computer worm 
   nearly froze Internet traffic worldwide."


I'm wondering more if maybe BofA had a bunch of their own unpatched and
un-firewalled M$-SQL servers sitting around like lame ducks waiting to
be picked off.....

Of course even if they were patched they'd be pretty much off the air if
they weren't running through a (V)PN by the time ISPs got around to
blocking their access....

-- 
                                                                Greg A. Woods

+1 416 218-0098;            <g.a.woods () ieee org>;           <woods () robohack ca>
Planix, Inc. <woods () planix com>; VE3TCP; Secrets of the Weird <woods () weird com>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: