Full Disclosure mailing list archives
RE: MyDoom download info
From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Sun, 1 Feb 2004 11:56:45 +1300
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Steve Wray Sent: Sunday, 1 February 2004 10:46 a.m. To: 'Paul Schmehl'; full-disclosure () lists netsys com Subject: RE: [Full-disclosure] MyDoom download info If a virus could spread slowly but stealthily, it could be all over the planet and activated before any antivirus vendor became aware of its presence and came out with a fix; it wouldn't matter much if it took a year of quiet spreading.
Nah, that would work if there were no honeypots. I'm sure that 99% of AV companies, as well as numerous other security companies/individuals run honeypots and they would catch this pretty quickly as your worm can't know what's honeypot and what isn't (I'm not going into honeypot detection techniques now). Therefore, the only way for a worm to be successful is to spread as fast as it can, what in turn results in disruptions of service for host machine and easier detection. Cheers, Bojan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: MyDoom download info, (continued)
- Re: MyDoom download info Valdis . Kletnieks (Jan 31)
- Re: MyDoom download info Oliver Schneider (Jan 31)
- Re: MyDoom download info Roland Dobbins (Jan 31)
- mydoom.exe decyphering? Danny (Jan 31)
- Re: [Full-Disc]: mydoom.exe decyphering? Anders (Jan 31)
- RE: MyDoom download info first last (Jan 30)
- RE: MyDoom download info Steve Wray (Jan 30)
- Re: MyDoom download info Valdis . Kletnieks (Jan 31)
- Re: MyDoom download info Paul Schmehl (Jan 31)
- RE: MyDoom download info Steve Wray (Jan 31)
- RE: MyDoom download info Bojan Zdrnja (Jan 31)
- RE: MyDoom download info Steve Wray (Jan 30)
- Re: MyDoom download info Puneet Arora (Jan 31)
- RE: MyDoom download info Steve Wray (Jan 30)