Full Disclosure mailing list archives
[sean () donelan com: Symantec detected Slammer worm "hours" before]
From: Len Rose <len () netsys com>
Date: Thu, 13 Feb 2003 12:48:20 -0500
----- Forwarded message from Sean Donelan <sean () donelan com> ----- Delivered-To: nanog-outgoing () trapdoor merit edu Delivered-To: nanog () trapdoor merit edu Delivered-To: nanog () merit edu Date: Thu, 13 Feb 2003 11:59:48 -0500 (EST) From: Sean Donelan <sean () donelan com> To: nanog () merit edu Subject: Symantec detected Slammer worm "hours" before Precedence: bulk Errors-To: owner-nanog-outgoing () merit edu X-Loop: nanog Wow, Symantec is making an amazing claim. They were able to detect the slammer worm "hours" before. Did anyone receive early alerts from Symantec about the SQL slammer worm hours earlier? Academics have estimated the worm spread world-wide, and reached its maximum scanning rate in less than 10 minutes. I assume Symantec has some data to back up their claim. http://enterprisesecurity.symantec.com/content.cfm?articleid=1985&EID=0 "For example, the DeepSight Threat Management System discovered the Slammer worm hours before it began rapidly propagating. Symantec's DeepSight Threat Management System then delivered timely alerts and procedures, enabling administrators to protect against the attack before their environment was compromised." ----- End forwarded message ----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [sean () donelan com: Symantec detected Slammer worm "hours" before] Len Rose (Feb 13)
- Re: [sean () donelan com: Symantec detected Slammer worm "hours" before] Rick Updegrove (security) (Feb 13)
- Re: [sean () donelan com: Symantec detected Slammer worm "hours" before] Michael Scheidell (Feb 13)
- RE: [sean () donelan com: Symantec detected Slammer worm "hours" before] Jason Coombs (Feb 13)
- <Possible follow-ups>
- Re: [sean () donelan com: Symantec detected Slammer worm "hours" before] tecky (Feb 13)
- Re: [sean () donelan com: Symantec detected Slammer worm "hours" before] Ron DuFresne (Feb 13)