Full Disclosure mailing list archives
Re: Wanted: Sasser executable and derivatives
From: Syke <syke () mantissecurity net>
Date: Sun, 27 Jun 2004 20:05:26 -0700
Bob Perriero wrote:
Wouldn't it be easier to use honeyd(www.honeyd.org) with an LSASS or mydoom script? That way you can just check the logs for the binaries that were uploaded?If you really want viruses to study, it's not so difficult to put up an unpatched windows system directly attached to your cable modem (no firewall/router) and let it sit overnight. I'm sure that you will get more viruses than you'll ever need. Then simply load up knoppix or knoppix-std and retrieve all your files. -Bob ----- Original Message ----- From: The Central Scroutinizer <scroutinizer () beeb net> Date: Sat, 26 Jun 2004 17:50:00 +0100 Subject: [Full-disclosure] Wanted: Sasser executable and derivatives To: full-disclosure () lists netsys com Hi again, Would you please send any executables direct to me, zipped and encoded with a password in order to get through my e-mail anti virus software, Many thanks CS _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
-- Syke, Founder of Mantis Security Networks http://www.MantisSecurity.net Bringing Security To New Standards _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Wanted: Sasser executable and derivatives The Central Scroutinizer (Jun 26)
- <Possible follow-ups>
- Wanted: Sasser executable and derivatives The Central Scroutinizer (Jun 26)
- Re: Wanted: Sasser executable and derivatives Bob Perriero (Jun 27)
- Re: Wanted: Sasser executable and derivatives Syke (Jun 27)
- Re: Wanted: Sasser executable and derivatives James Riden (Jun 28)
- Re: Wanted: Sasser executable and derivatives Steve Kudlak (Jun 28)
- Re: Wanted: Sasser executable and derivatives Bob Perriero (Jun 27)