Vulnerability Development mailing list archives
Re: A code red that could bring down the net?
From: Lynn Crumbling <lynn () x hjsoft com>
Date: Wed, 25 Jul 2001 03:30:06 -0400 (EDT)
On Tue, 24 Jul 2001, Felix Harris wrote:
1) The Internet has a limited number of root name servers.I'm going to make a stab in the dark, but this also assumes that nameservers don't cache translations, and by nameservers I mean the ones on ISPs and localhosts around the world. This would mean that a DoS would have to operate until the cache expired, by which time the attacking hosts could have been filtered, or the root nameservers could have been kicked.
Actually, a rather nasty thing to do, would have been to set the worm up to attack www.microsoft.com. If my guess is right, that site uses the same pipe as support.microsoft.com or windowsupdate.microsoft.com. Had the person done this, it would have effectly used microsoft's own bug against it, and would have caused a big problem: how are the people supposed to obtain the patch if the site holding the patch gets hosed? It's a scarry thought, but funny one: A DDOS by microsoft's own software against itself. - Lynn
Current thread:
- Re: Win32.Sircam.Worm Alert....., (continued)
- Re: Win32.Sircam.Worm Alert..... Miguel Angel Rodriguez Jodar (Jul 25)
- multi-OS infections (was Re: A code red that could bring down the net? Meritt James (Jul 23)
- Re: multi-OS infections (Multi OS shellcode) Riley Hassell (Jul 24)
- Re: multi-OS infections (Multi OS shellcode) Damir Rajnovic (Jul 25)
- Re: multi-OS infections (Multi OS shellcode) corecode (Jul 25)
- RE: A code red that could bring down the net? Dom De Vitto (Jul 23)
- Re: A code red that could bring down the net? Birger Toedtmann (Jul 23)
- Re: A code red that could bring down the net? Michael Tench (Jul 23)
- Re: A code red that could bring down the net? Felix Harris (Jul 24)
- Re: A code red that could bring down the net? David R. Conrad (Jul 25)
- Re: A code red that could bring down the net? Lynn Crumbling (Jul 25)
- Re: A code red that could bring down the net? Sven van ´t Veer (Jul 26)
- Re: A code red that could bring down the net? security curmudgeon (Jul 26)
- Re: A code red that could bring down the net? Ian Stoba (Jul 25)
- Re: A code red that could bring down the net? Michael Tench (Jul 26)
- Re: A code red that could bring down the net? Jose Nazario (Jul 26)
- Re: A code red that could bring down the net? Meritt James (Jul 24)
- RE: Update to "Code Red" Worm. Its a date bomb, not time. Marc Maiffret (Jul 19)
- Re: Update to "Code Red" Worm. Its a date bomb, not time. Blue Boar (Jul 19)