Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

From: Colm MacCárthaigh <colmmacc () Redbrick DCU IE>
Date: Sun, 26 Jan 2003 00:45:21 +0000
On Sat, Jan 25, 2003 at 01:53:10PM -1000, Jason Coombs wrote:

Colm MacCarthaigh wrote:

If the worm had a malicious (in your terms) payload, it would have
caused networks just as many problems (so no gain there), and more harm
to MS-SQL users. Using your logic, surely this much more damaging
experience would have cause MS-SQL admins to be more responsible in
keeping up to date ? Or rather, more fearful of future exploits.


Precisely my point. Sapphire was not designed to inspire fear. If this had
been a terrorist act it would have done so, and it could have done so. 


Consider that in order to exploit a target, it is counter-productive to 
inspire fear within this target. 

I do agree that this exploit was likely neither a Terrorist act nor primarily
designed to inpire fear. Far more likely it was designed to make headlines, 
and a name for someone.


anything actually *damaged* by Sapphire (in a physical/non-trivial sense of
the word) was too vulnerable for use in the first place.


Unfortunatley the "anything" is the Internet, and "vulnerability" is
the CPU-bound nature of routers and the finite capacity of network links.

-- 
colmmacc at redbrick.dcu.ie
Previous By Date Next
Previous By Thread Next

Current thread: