Full Disclosure mailing list archives
Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
From: Albert Sunseri <sunseri () abpi net>
Date: Mon, 27 Jan 2003 19:09:54 -0500
The article has some interesting implications in its own right. However, if no damage whatsoever was done by hte worm then who would bother with the repercussions of the proof of concept? And I belive that Jason Coombs' point is about the degree of damage. Or to be metaphorical, the size of the horse that gets let out of the stable before the door is closed. An additional ethical issue would arise if the worm was written as a proof of concept and was never meant to 'escape' into the wild.... Just tossin pennies, ------------- Albert Sunseri Information want to be priceless sunseri () abpi net On Sat, Jan 25, 2003 at 06:11:12PM -0500, Richard M. Smith wrote:
From: "Richard M. Smith" <rms () computerbytesman com> To: <jasonc () science org>, "'Jay D. Dyson'" <jdyson () treachery net>, "'Bugtraq'" <bugtraq () securityfocus com>, "'Full-Disclosure'" <full-disclosure () lists netsys com> Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Date: Sat, 25 Jan 2003 18:11:12 -0500 However, this worm might not be so harmless as it appears because of collateral damage:
Bank of America ATMs Disrupted by Virus http://story.news.yahoo.com/news?tmpl=story&ncid=578&e=3&cid=569&u=/nm/2 0030125/tc_nm/tech_virus_dc "SEATTLE (Reuters) - Bank of America Corp. said on Saturday that customers at a majority of its 13,000 automatic teller machines were unable to process customer transactions after a malicious computer worm nearly froze Internet traffic worldwide." Richard M. Smith http://www.ComputerBytesMan.com -----Original Message----- From: Jason Coombs [mailto:jasonc () science org] Sent: Saturday, January 25, 2003 4:41 PM To: Jay D. Dyson; Bugtraq Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
... snip ....
As of now we don't know who wrote the worm, but we do know that it looks like a concept worm with no malicious payload. There is a good argument to be made in favor of such worms. Whomever did write this worm could have done severe damage beyond unfocused DDoS and chose not to do so. One would expect intelligence agencies in developed countries to write and release precisely this type of concept worm as a form of mass inoculation against malicious attacks.
... snip ...
Sincerely, Jason Coombs jasonc () science org
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!, (continued)
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Curt Purdy (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Benjamin Krueger (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Douglas F. Calvert (Jan 25)
- Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Rick Kelly (Jan 25)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Matt Smith (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! madsaxon (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Nick Jacobsen (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! madsaxon (Jan 25)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Greg A. Woods (Jan 25)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! moksha faced (Jan 27)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jason Coombs (Jan 27)
- Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Albert Sunseri (Jan 27)
- RE: Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Brett Moore (Jan 27)
- Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Erik Enge (Jan 28)
- Re: Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! David Howe (Jan 28)
- RE: Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Brett Moore (Jan 27)
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Schmehl, Paul L (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Henrik Lund Kramshøj (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Blue Boar (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Ka (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Henrik Lund Kramshøj (Jan 26)
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Ron DuFresne (Jan 26)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! jmcguire (Jan 26)
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Schmehl, Paul L (Jan 26)