Full Disclosure mailing list archives
RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
From: "Jason Coombs" <jasonc () science org>
Date: Sun, 26 Jan 2003 20:46:14 -1000
The link to the Yahoo! News/Reuters article reporting the BofA ATM outage does work, you just didn't copy and paste it properly when it spanned two lines in the e-mail message. Here's a shorter link: http://makeashorterlink.com/?K28962933 -----Original Message----- From: moksha faced [mailto:admin () mokshafaced com] Sent: Sunday, January 26, 2003 7:30 PM To: Richard M. Smith; jasonc () science org; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure' Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! I'm going to jump out on a limb here, but I think this story is poop. In military lingo "poo poo cah cah". No one links their ATMs over the internet, NO ONE... and especially not the really large banks that know better. I also noticed the story link doesn't work, so obviously somebody got their facts straight and retracted the story... --- "Richard M. Smith" <rms () computerbytesman com> wrote:
However, this worm might not be so harmless as it appears because of collateral damage: Bank of America ATMs Disrupted by Virus
http://story.news.yahoo.com/news?tmpl=story&ncid=578&e=3&cid=569&u=/nm/2
0030125/tc_nm/tech_virus_dc "SEATTLE (Reuters) - Bank of America Corp. said on Saturday that customers at a majority of its 13,000 automatic teller machines were unable to process customer transactions after a malicious computer worm nearly froze Internet traffic worldwide." Richard M. Smith http://www.ComputerBytesMan.com -----Original Message----- From: Jason Coombs [mailto:jasonc () science org] Sent: Saturday, January 25, 2003 4:41 PM To: Jay D. Dyson; Bugtraq Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jay Dyson wrote:And to think...up until tonight, I thought thevulnerabilitiesthat paved the way for Nimda were the worst thatMicrosoft could doto the net.community. They've really toppedthemselves this time. As of now we don't know who wrote the worm, but we do know that it looks like a concept worm with no malicious payload. There is a good argument to be made in favor of such worms. Whomever did write this worm could have done severe damage beyond unfocused DDoS and chose not to do so. One would expect intelligence agencies in developed countries to write and release precisely this type of concept worm as a form of mass inoculation against malicious attacks. Before you get upset at your vendor, or anyone else's, consider the bigger picture and recognize the increased security hardening the Internet just received. Belief in this silver lining shouldn't be taken too far, of course, but flaming anyone over an event like this is misplaced considering the number of infosec experts who would probably have agreed to write this worm if approached by their nations' government with proof that an adversary was planning to cause severe harm by exploiting the W32/SQLSlammer vulnerability. Sincerely, Jason Coombs jasonc () science org
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!, (continued)
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Joe Klein (Jan 26)
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Curt Purdy (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Benjamin Krueger (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Douglas F. Calvert (Jan 25)
- Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Rick Kelly (Jan 25)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Matt Smith (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! madsaxon (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Nick Jacobsen (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! madsaxon (Jan 25)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Greg A. Woods (Jan 25)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! moksha faced (Jan 27)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jason Coombs (Jan 27)
- Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Albert Sunseri (Jan 27)
- RE: Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Brett Moore (Jan 27)
- Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Erik Enge (Jan 28)
- Re: Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! David Howe (Jan 28)
- RE: Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Brett Moore (Jan 27)
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Schmehl, Paul L (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Henrik Lund Kramshøj (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Blue Boar (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Ka (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Henrik Lund Kramshøj (Jan 26)
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Ron DuFresne (Jan 26)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! jmcguire (Jan 26)