Full Disclosure mailing list archives
Re: Mydoom: perfect storm averted or just ahead?
From: Roelof Temmingh <roelof () sensepost com>
Date: Thu, 29 Jan 2004 10:49:23 +0200 (SAST)
2. It would be difficult for a malicious programmer, cyber terrorists or cyber activists to target a specific environment and protect others ( Eg., launch denial of service against SCO.com because I like LINUX and don?t like SCO legal actions. Protect my computer at Berkley.edu because I don?t want to effect my own Email.) Programmers can easily modify code and launch an attack against another environment.
Not sure I totally agree here. While it is difficult to target a specific network or system with worm technology it is possible - to an certain extent at least. Refer to http://www.sensepost.com/misc/bh2003lv.doc for some ideas on how that could be done. The document describes attacks that are wide-spread, yet focussed - it was presented at BlackHat, Las Vegas, 2003. my 1c, Roelof. ===================== Roelof Temmingh roelof () sensepost com +27 12 667 4737 GMT+2 ===================== _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Mydoom: Perfect Storm Averted or Just Ahead? WolfgangK (Jan 28)
- Re: Mydoom: Perfect Storm Averted or Just Ahead? Randal L. Schwartz (Jan 29)
- Re: Mydoom: Perfect Storm Averted or Just Ahead? Collin R. Mulliner (Jan 29)
- Re: Mydoom: Perfect Storm Averted or Just Ahead? Papp Geza (Jan 29)
- <Possible follow-ups>
- Mydoom: perfect storm averted or just ahead? Computer Security (Jan 29)
- Re: Mydoom: perfect storm averted or just ahead? Roelof Temmingh (Jan 29)
- Re: Mydoom: Perfect Storm Averted or Just Ahead? Randal L. Schwartz (Jan 29)