Full Disclosure mailing list archives
msblast
From: "harq deman" <harqman () btopenworld com>
Date: Mon, 11 Aug 2003 22:30:31 +0100
yawn.. OK.. the worm.. again It scans a randon b class based on the current hosts address it does not kill any AV products or firewalls it does not hide processes, files or network activity from the kernel when it packets windowsupdate.com on the 16th, it spoofs the last 2 octets of the source ip address, and continues to scan D-.. must try harder --harq
Current thread:
- msblast harq deman (Aug 11)
- RE: msblast gml (Aug 11)