Re: [Full-Disclosure] MyDoom download info
Valdis.Kletnieks_at_vt.edu
Date: 01/31/04
- Previous message: Gadi Evron: "[Full-Disclosure] another Trojan with the ADO hole? + a twist in the story"
- In reply to: Steve Wray: "RE: [Full-Disclosure] MyDoom download info"
- Next in thread: Paul Schmehl: "Re: [Full-Disclosure] MyDoom download info"
- Reply: Paul Schmehl: "Re: [Full-Disclosure] MyDoom download info"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Steve Wray <steve.wray@paradise.net.nz> Date: Sat, 31 Jan 2004 12:25:04 -0500
On Sat, 31 Jan 2004 12:03:37 +1300, Steve Wray <steve.wray@paradise.net.nz> said:
> I've often thought that none of the viruses so far encountered on the
> net are actually serious.
>
> What worries me are the viruses that have been around for a while
> and which have, so far, not been detected; these are the serious
> viruses (I'm assuming that they exist). Viruses that *don't* send
> vast amounts of email and hence get detected; viruses that *don't*
> run under a debugger, that *don't* give themselves away.
What worries me is we haven't seen *either* an actual damaging virus
(imagine if the last 2 lines of Mydoom were "sleep(4hours); exec("format c:);")
or a "sleeper" virus. At least we can console ourselves with the thought
that a stealthy sleeper virus would almost by necessity have a very low
burn rate, and thus take a long time to compromise a significant number
of systems (if somebody has a way they'd like to share to spread quickly
while remaining stealthy, feel free to comment ;)
I wish I knew which one to be more worried about the lack of.. ;)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/pgp-signature attachment: stored
- Previous message: Gadi Evron: "[Full-Disclosure] another Trojan with the ADO hole? + a twist in the story"
- In reply to: Steve Wray: "RE: [Full-Disclosure] MyDoom download info"
- Next in thread: Paul Schmehl: "Re: [Full-Disclosure] MyDoom download info"
- Reply: Paul Schmehl: "Re: [Full-Disclosure] MyDoom download info"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
