Full Disclosure mailing list archives
Re: Possible First Crypto Virus Definitely Discovered!
From: "Job 317" <job317 () mailvault com>
Date: Wed, 09 Jun 2004 05:01:10 00200 (CEST)
Thought I might weigh in with a serious comment (although I might regret it later ;) ). Any Web hack attack can be sent using the openssl s_client program. You pipe your attack over an SSL connection to port 443 (or to whatever port is defined as an SSL port on the victim host). This has been around for ages. Actually, I am a little surprised in retrospect that I haven't seen much use of it. Maybe I took this a little too seriously but this is nothing new. Job On 9-Jun-2004 03:00:18 +0200, you wrote:
We're all feeling a little silly today. This thread has kept me
chuckling all
day tho. I don't know what's funnier, the tongue-in-cheek replies or
the
serious ones! On Tuesday 08 June 2004 16:06, Picciano, Anthony wrote:Did I pick or weird day to join this maillist, or is it always this
silly?
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of Micah McNelly Sent: Tuesday, June 08, 2004 4:32 PM To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Possible First Crypto Virus
Definitely
Discovered! Greatest post of all time. /me claps. /m ----- Original Message ----- From: "Goudie, Derek" <derek.goudie () earthtech ca> To: <full-disclosure () lists netsys com> Sent: Tuesday, June 08, 2004 1:54 PM Subject: RE: [Full-disclosure] Possible First Crypto Virus
Definitely
Discovered!Thanks! I needed that.... -----Original Message----- From: Jakob Jünger [mailto:krimskram () freenet de] Sent: Tuesday, June 08, 2004 1:01 PM To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Possible First Crypto Virus
Definitely
Discovered! Hi, I just can admit to what Billy wrote. The Firewall of my PDA is
getting
hot. It plays "Yellow Submarine" everytime I press the escape-key.
It
has to be something like this crypto-thing. I don't know what
"crypto"
means but it seems to be encrypted with EnglishLanguageProtocol. Believe me, I have been the administrator of my PDA since I was
three
years old. JakobWhatever ssl is, I don't know but it's using the so-called
"ssl"
port on the web servers. But this port 443 is not SSH! Why should it be encrypted? And
what
is this "ssl" thing? I've been in IT for many years and I am now
IT
Director here at the bank... I would think that I would know
what
"ssl" would be. I don't think this worm has anything to do with whatever "ssl" is. Does anybody even still use ssl? That's
probably
why the hackers chose it. Sorry to say but it is not! I checked my incoming traffic again
this
morningand the attack on port 443 is still coming in full steam ahead!
I
don't knowwhat's going on, but I am about to block that port on my
firewall.
Somenitwit (probably the idiot that was here before I became IT
Director)
somehow, for some reason, deliberately opened port 443 on thefirewalls!I am beginning to think that this is the first wave of the new
coming
globalcrypto-storm!_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Possible First Crypto Virus Definitely Discovered!, (continued)
- Re: Possible First Crypto Virus Definitely Discovered! Nils Ketelsen (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! William Warren (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! ktabic (Jun 09)
- RE: Possible First Crypto Virus Definitely Discovered! Aditya, ALD [Aditya Lalit Deshmukh] (Jun 10)
- RE: Possible First Crypto Virus Definitely Discovered! Jason Bethune (Jun 08)
- RE: Possible First Crypto Virus Definitely Discovered! Steve Boone (Jun 08)
- RE: Possible First Crypto Virus Definitely Discovered! Picciano, Anthony (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! David Hane (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! mark (Jun 08)
- Re: Possible First Crypto Virus Definitely Discovered! Job 317 (Jun 08)
- RE: Possible First Crypto Virus Definitely Discovered! Felipe Angoitia (Jun 10)
- RE: Possible First Crypto Virus Definitely Discovered! Sean Crawford (Jun 10)
- Re: Possible First Crypto Virus Definitely Discovered! Valdis . Kletnieks (Jun 10)
- Re: Possible First Crypto Virus Definitely Discovered! Billy B. Bilano (Jun 10)
- Re: Possible First Crypto Virus Definitely Discovered! James Bliss (Jun 10)
- Re: Possible First Crypto Virus Definitely Discovered! Shawn Nunley (Jun 10)
- RE: Possible First Crypto Virus Definitely Discovered! Aditya, ALD [Aditya Lalit Deshmukh] (Jun 10)
- Re: Possible First Crypto Virus Definitely Discovered! Mike Simpson (Jun 10)
- RE: Possible First Crypto Virus Definitely Discovered! Sean Crawford (Jun 10)