Security Incidents mailing list archives
Re: Flash Worms
From: jaywhy <jaywhy2 () home com>
Date: Sat, 18 Aug 2001 13:15:45 -0400
It really wouldn't matter even if you only got to 20%, 10% or even 5% of the vulnerable hosts. Those computer running a DDOS attack against anything would completely destroy it. According to netcraft http://www.netcraft.co.uk/survey/ there is over 7 million apache web servers that are up. Now if you found an exploit like the one code red exploited in apache. Even if you only got to 20% of the web servers with the payload, that still a good million or so servers out there infected. What if this worm happened to be really malicious and trashed web sites, deleted hard drives, or run some sort of DDOS attack. Even spawn some kinda nuke program in the internal network hooked up to the web server. Lord knows there is never a shortage of new nukes out for windows flavors. Now I do doubt anyone who would release this would have access to a OC-12 line to release the payload. But that doesn't mean he/she couldn't hack into a site that does. Or hack into multiple sites and release the payload from multiple sites at one time. We talk about this kinda attack now and don't believe it. But someone wanting to prove you all wrong will do it, and it will probably happen it just depends on when. -- Jason Yates jaywhy2 () home com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Flash Worms Stuart Staniford (Aug 17)
- Re: Flash Worms Michal Zalewski (Aug 18)
- Re: Flash Worms Stuart Staniford (Aug 18)
- Re: Flash Worms Michal Zalewski (Aug 18)
- Re: Flash Worms jaywhy (Aug 18)
- Re: Flash Worms Dragos Ruiu (Aug 19)
- Re: Flash Worms Shoten (Aug 23)
- Re: Flash Worms Kevin Reardon (Aug 24)
- Re: Flash Worms Stuart Staniford (Aug 18)
- Re: Flash Worms Stuart Staniford (Aug 22)
- Re: Flash Worms Michal Zalewski (Aug 18)
- Re: Flash Worms Bruno Treguier (Aug 21)
- Re: Flash Worms Kevin Reardon (Aug 22)
- Re: Flash Worms Jose Nazario (Aug 19)
- Flash Worms and congestion Stuart Staniford (Aug 22)
- <Possible follow-ups>
- Re: Flash Worms Vern Paxson (Aug 22)