Full Disclosure mailing list archives

RE: MyDoom.b samples taken down

From: Steve Wray <steve.wray () paradise net nz>
Date: Mon, 02 Feb 2004 21:11:12 +1300

From: full-disclosure-admin () lists netsys com 
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
Bill Royds

[snip]

To amateur "virus researchers", unless you have a "Clean 
room" to test the virus (a completely isolated computer network with

the

ability to catch all possible traffic and machine state changes), you

have little

likelihood of finding something new before you re-infect the Internet

with

the virus.


I second that, and would like to add the phrase 'air gap'
:)

Its an important notion.

The ability of nasties to get from the clean room to machines
on your LAN or the internet should be limited to the capacitance
of thin air. No wires.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: MyDoom.b samples taken down, (continued)
- - - Re: MyDoom.b samples taken down Valdis . Kletnieks (Feb 01)
    - Re: MyDoom.b samples taken down Nick FitzGerald (Feb 01)
    - Re: MyDoom.b samples taken down Nick FitzGerald (Feb 01)
    - Re: MyDoom.b samples taken down Nick FitzGerald (Feb 01)
    - old bug - new wired Papp Geza (Feb 01)
    - Re: MyDoom.b samples taken down Kurt Weiske (Jan 31)
- RE: MyDoom.b samples taken down Brad Griffin (Feb 01)
- RE: MyDoom.b samples taken down first last (Feb 01)
  - RE: MyDoom.b samples taken down Bill Royds (Feb 01)
    - Re: MyDoom.b samples taken down Valdis . Kletnieks (Feb 01)
    - RE: MyDoom.b samples taken down Steve Wray (Feb 02)
    - RE: MyDoom.b samples taken down Steve Wray (Feb 02)
- RE: MyDoom.b samples taken down first last (Feb 01)
  - RE: MyDoom.b samples taken down Nick FitzGerald (Feb 01)
- RE: MyDoom.b samples taken down Dowling, Gabrielle (Feb 01)
  - RE: MyDoom.b samples taken down Todd Burroughs (Feb 02)