Security Incidents mailing list archives
RE: WMF Threat OK , but no huge attack ... WHY ?
From: "Ward, Patrick James" <patrick.ward () hp com>
Date: Mon, 9 Jan 2006 15:46:29 -0800
Well, it seems to me you are making a huge assumption here: That not much bad actually happened. It has been my experience that when people who know what they are doing set out to exploit a system, there is very little, if any, evidence left. Why do you assume that an attack (or more likely, many attacks) did not occur that simply have not been detected/observed? It is not difficult to create an exploit for this issue that is not detectable via antivirus or IDS/IPS, and is also relatively easy to create something that is very covert in what it does to avoid observation. And with the "me too" attention that this issue is generating (i.e. the follow on WMF exploits posted today by cocoruder - which are not addressed by MS06-001), I don't think that we have seen the end of these WMF issues, not by a long shot. Cheers, Patrick -----Original Message----- From: pejman.gohari () gmail com [mailto:pejman.gohari () gmail com] Sent: Monday, January 09, 2006 9:34 AM To: incidents () securityfocus com Subject: WMF Threat OK , but no huge attack ... WHY ? Hi, The WMF threat was and continues to be important. But I'm curious to know why we didn't observe any important attack on Internet? WMF was a perfect Zero-Day attack and a scenario like the blackout of Internet was possible ... but nothing ... or no important attack! No BOT virus deployed? No DOS worm attack? ... All hackers become white-hat? Or they attacked and we didn't see anything? Any hypothese / explanation ? Regards, Pejman
Current thread:
- WMF Threat OK , but no huge attack ... WHY ? pejman . gohari (Jan 09)
- Re: WMF Threat OK , but no huge attack ... WHY ? Jose Nazario (Jan 11)
- Re: WMF Threat OK , but no huge attack ... WHY ? jim (Jan 11)
- Re: WMF Threat OK , but no huge attack ... WHY ? Byron Sonne (Jan 11)
- Re: WMF Threat OK , but no huge attack ... WHY ? Chris Byrd (Jan 11)
- Re: WMF Threat OK , but no huge attack ... WHY ? Thierry Zoller (Jan 11)
- Re: WMF Threat OK , but no huge attack ... WHY ? Valdis . Kletnieks (Jan 11)
- <Possible follow-ups>
- WMF Threat OK , but no huge attack ... WHY ? k levinson (Jan 11)
- RE: WMF Threat OK , but no huge attack ... WHY ? Ward, Patrick James (Jan 11)