Full Disclosure mailing list archives
Re: AT&T early warning system
From: S G Masood <sgmasood () yahoo com>
Date: Sat, 18 Oct 2003 12:07:14 -0700 (PDT)
--- Hoho <hoho () tacomeat net> wrote:
On Fri, 2003-10-17 at 22:44, jkm wrote:Quote 2: "AT&T saw anomalies in its network three to fourweeks before that wormhit and was able to take certain precautions."When the worm actuallyhappened, AT&T's network did not take a hit,''Eslambolchi said." Doesn't it seem like they're trying to violate causality? If the worm doesn't exist yet, then its associated traffic doesn't exist yet, hence there's nothing to detect.
...unless they had insider information that a worm that exploits certain "anomalies" would be released in "three to four weeks" :). I didn't see the original article but maybe they are referring to the DCOM worm brigade which was anticipated and awaited weeks before it hit. -- S.G.Masood Hyderabad, India. __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- AT&T early warning system jkm (Oct 17)
- Re: AT&T early warning system Jay Sulzberger (Oct 17)
- Re: AT&T early warning system jkm (Oct 17)
- Re: AT&T early warning system Hoho (Oct 18)
- Re: AT&T early warning system S G Masood (Oct 18)
- Re: AT&T early warning system jkm (Oct 19)
- RE: AT&T early warning system Steve Wray (Oct 18)
- RE: AT&T early warning system S G Masood (Oct 18)
- Re: AT&T early warning system Sascha Teifke (Oct 18)
- RE: AT&T early warning system Bruce Ediger (Oct 18)
- Re: AT&T early warning system S G Masood (Oct 18)
- Re: AT&T early warning system jkm (Oct 19)
- RE: AT&T early warning system Steve Wray (Oct 19)
- Re: AT&T early warning system Jimmy Alderson (Oct 22)
- Re: AT&T early warning system Jay Sulzberger (Oct 17)