Re: Linux Slapper Worm
From: Charles Stevenson (core@bokeoa.com)Date: 09/19/02
- Previous message: Steven M. Christey: "Re: [Full-Disclosure] iDEFENSE Security Advisory 09.18.2002: Security Vulnerabilities in OSF1/Tru64 3."
- In reply to: Ajai Khattri: "Re: Linux Slapper Worm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 19 Sep 2002 15:23:05 -0600 From: Charles Stevenson <core@bokeoa.com> To: bugtraq@securityfocus.com
This method of security through obscurity will not prevent another
hacker from chaning the worm to use one of the modified versions of the
exploit which supports brute forcing. Nor does it trick Solar Eclipse's
scanner which actually overflows and checks to see if the server
response contains our data. All you did was waste your time. :)
peace,
core
--
Charles Stevenson (core) <core@bokeoa.com>
Lab Assistant, College of Eastern Utah San Juan Campus
http://www.bokeoa.com/~core/core.asc
- Previous message: Steven M. Christey: "Re: [Full-Disclosure] iDEFENSE Security Advisory 09.18.2002: Security Vulnerabilities in OSF1/Tru64 3."
- In reply to: Ajai Khattri: "Re: Linux Slapper Worm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
