Vulnerability Development mailing list archives

is it even possible for a worm with dcom vuln?

From: "Victor Pereira" <vpereira () modulo com br>
Date: Tue, 29 Jul 2003 16:33:13 -0300




<H D Moore>

A highly-effective worm would be not be difficult to write for the reasons
below. Residential ISP's should start blocking 445 and 135 immediately.
Corporate networks should block these ports in both directions at every
major gateway as soon as possible.
....
</H D Moore>

Don't forget all wireless lans without access restrictions around the world.
It is a good target to start a worm propagation using microsoft services,
because a lot of companies close it in they're  internet firewalls, but in a
LAN enviroment, everything is open.
I can't figure out the damage.. can you ? ;-)

Reguards,

______________________________________________
Victor Pereira - LPI, CCSA, CCSE

http://www.modulo.com.br
http://getdata.codigolivre.org.br

Current thread:

is it even possible for a worm with dcom vuln? wirepair (Jul 28)
- Re: is it even possible for a worm with dcom vuln? H D Moore (Jul 28)
- <Possible follow-ups>
- Re: is it even possible for a worm with dcom vuln? wirepair (Jul 28)
- is it even possible for a worm with dcom vuln? Victor Pereira (Jul 30)