Vulnerability Development mailing list archives

Re: A code red that could bring down the net?

From: Lynn Crumbling <lynn () x hjsoft com>
Date: Wed, 25 Jul 2001 03:30:06 -0400 (EDT)

On Tue, 24 Jul 2001, Felix Harris wrote:

1) The Internet has a limited number of root name
servers.

I'm going to make a stab in the dark, but this also assumes that
nameservers don't cache translations, and by nameservers I mean
the ones on ISPs and localhosts around the world. This would
mean that a DoS would have to operate until the cache expired, by
which time the attacking hosts could have been filtered, or the root
nameservers could have been kicked.


Actually, a rather nasty thing to do, would have been to set the worm up
to attack www.microsoft.com. If my guess is right, that site uses the same
pipe as support.microsoft.com or windowsupdate.microsoft.com. Had the
person done this, it would have effectly used microsoft's own bug against
it, and would have caused a big problem: how are the people supposed to
obtain the patch if the site holding the patch gets hosed? It's a scarry
thought, but funny one: A DDOS by microsoft's own software against itself.

- Lynn

Current thread:

Re: Win32.Sircam.Worm Alert....., (continued)
- - - Re: Win32.Sircam.Worm Alert..... Miguel Angel Rodriguez Jodar (Jul 25)
    - multi-OS infections (was Re: A code red that could bring down the net? Meritt James (Jul 23)
    - Re: multi-OS infections (Multi OS shellcode) Riley Hassell (Jul 24)
    - Re: multi-OS infections (Multi OS shellcode) Damir Rajnovic (Jul 25)
    - Re: multi-OS infections (Multi OS shellcode) corecode (Jul 25)
    - RE: A code red that could bring down the net? Dom De Vitto (Jul 23)
    - Re: A code red that could bring down the net? Birger Toedtmann (Jul 23)
    - Re: A code red that could bring down the net? Michael Tench (Jul 23)
    - Re: A code red that could bring down the net? Felix Harris (Jul 24)
    - Re: A code red that could bring down the net? David R. Conrad (Jul 25)
    - Re: A code red that could bring down the net? Lynn Crumbling (Jul 25)
    - Re: A code red that could bring down the net? Sven van ´t Veer (Jul 26)
    - Re: A code red that could bring down the net? security curmudgeon (Jul 26)
    - Re: A code red that could bring down the net? Ian Stoba (Jul 25)
    - Re: A code red that could bring down the net? Michael Tench (Jul 26)
    - Re: A code red that could bring down the net? Jose Nazario (Jul 26)
    - Re: A code red that could bring down the net? Meritt James (Jul 24)
- Re: Update to "Code Red" Worm. Its a date bomb, not time. matt sommer (Jul 19)
  - RE: Update to "Code Red" Worm. Its a date bomb, not time. Marc Maiffret (Jul 19)
  - Re: Update to "Code Red" Worm. Its a date bomb, not time. Blue Boar (Jul 19)
- RE: Update to "Code Red" Worm. Its a date bomb, not time. emerson . c . tan (Jul 19)

(Thread continues...)