Full Disclosure mailing list archives
RE: Windows Dcom Worm planned DDoS
From: "Wcc" <wcc () techmonkeys org>
Date: Wed, 13 Aug 2003 01:06:11 -0400
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Andrew Thomas Sent: Tuesday, August 12, 2003 6:00 AM To: bugtraq () securityfocus com; full-disclosure () lists netsys com Subject: [Full-disclosure] Windows Dcom Worm planned DDoS Hi, The examinations of the code so far indicate that the worm is coded to DoS the windowsupdate site from the 15th of August onwards through the end of the year. I haven't seen anything mentioning whether or not the IP is hardcoded. If not, shouldn't Microsoft just set the forward resolve to 127.0.0.1 for a period of time? That will probably save many, many $'s of wasted traffic.
True, and if the IP is hardcoded, then the machine can just be assigned new IPs (and the others nulled), and operation would continue as normal.
-- Andrew G. Thomas Hobbs & Associates Chartered Accountants (SA) (o) +27-(0)21-683-0500 (f) +27-(0)21-683-0577 (m) +27-(0)83-318-4070
Wcc _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Windows Dcom Worm planned DDoS, (continued)
- RE: Windows Dcom Worm planned DDoS Nick FitzGerald (Aug 12)
- Re: Windows Dcom Worm planned DDoS Matthew Murphy (Aug 12)
- Re: Windows Dcom Worm planned DDoS Valdis . Kletnieks (Aug 13)
- Re: Windows Dcom Worm planned DDoS Max Valdez (Aug 15)
- Re: Windows Dcom Worm planned DDoS Valdis . Kletnieks (Aug 16)
- Re: Windows Dcom Worm planned DDoS Sebastian Niehaus (Aug 12)
- Re: Windows Dcom Worm planned DDoS martin f krafft (Aug 12)
- Re: Re: Windows Dcom Worm planned DDoS Sebastian Niehaus (Aug 13)
- Re: Windows Dcom Worm planned DDoS Reveret Julien (Aug 12)
- Re: Windows Dcom Worm planned DDoS Nick FitzGerald (Aug 12)
- Windows Dcom Worm Killer w g (Aug 13)
- Re: Windows Dcom Worm Killer Joey (Aug 13)
- Re: Windows Dcom Worm Killer Nick FitzGerald (Aug 13)
- Re: Windows Dcom Worm Killer and source code w g (Aug 13)
- RE: Windows Dcom Worm planned DDoS Chris Eagle (Aug 14)
- DDos counter measures Laurent LEVIER (Aug 14)
- Re: DDos counter measures Nick FitzGerald (Aug 14)
- Re: DDos counter measures Gael Martinez (Aug 14)
- Re: DDos counter measures Charles Ballowe (Aug 15)