Full Disclosure mailing list archives
Re: Possible First Crypto Virus Definitely Discovered!
From: "Jon" <jbistogood () hotmail com>
Date: Tue, 8 Jun 2004 22:53:33 +0100
Make sure you block port 80 as well, the dreaded w32 () www web virus uses this port. If you see any traffic on there, then chances are you have it. ----- Original Message ----- From: "Billy B. Bilano" <mr.bill.bilano () email server unix bill bilano biz> To: <full-disclosure () lists netsys com> Sent: Tuesday, June 08, 2004 8:00 PM Subject: Re: [Full-disclosure] Possible First Crypto Virus Definitely Discovered!
Oliver! Hello! SSL is the same port as HTTPS ? OMFG then we have a bigger problem than I ever imagined!! HOLY SMOKES! I am going to block port 443 right now and I urge ALL of you to do the same before this gets out of control! Also, Oliver, I am sure I am telling you something you don't know, but you have a bunch of crypto code that is more then likely a virus at the end of your message! In fact, you are so infected, that it seems the crypto code
is
longer then the entire message you sent! This is probably how it spreads!
I
saw a couple of other people on this thing already that had this same symptom. Good luck, everybody! I hope we can cleanse our systems of this 443 virus! -------- Mr. Billy B. Bilano, MSCE, CCNA <http://www.bilano.biz/> Expert Sysadmin Since 2003! 'C:\WINDOWS, C:\WINDOWS\GO, C:\PC\CRAWL' -- RMS ----- Original Message ----- From: "Oliver Welter" <mail () oliwel de> To: <full-disclosure () lists netsys com> Cc: "Billy B. Bilano" <mr.bill.bilano () email server unix bill bilano biz> Sent: Tuesday, June 08, 2004 12:43 PM Subject: Re: [Full-disclosure] Possible First Crypto Virus Definitely Discovered!hi Guys, I'm new to the list, so hello first ;) I really dont know if you are just kidding or if I missunderstod your post... Port 443 is the SecureHTTP protocol (https) - so it is correct that it is bound to a webserver process and it is correct that SSL-encryptet traffic goes in and out - so whats the matter ? Oliver -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Possible First Crypto Virus Definitely Discovered! Billy B. Bilano (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! madsaxon (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! Harlan Carvey (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! Billy B. Bilano (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! Oliver Welter (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! Billy B. Bilano (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! Jon (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! Billy B. Bilano (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! KF (lists) (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! VB (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! James Bliss (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! Jakob Jünger (Jun 08)
- RE: Possible First Crypto Virus Definitely Discovered! Aditya, ALD [Aditya Lalit Deshmukh] (Jun 10)
- Re[2]: Possible First Crypto Virus Definitely Discovered! Thierry (Jun 08)