RE: A code red that could bring down the net?

From: Dom De Vitto (dom@devitto.com)
Date: 07/23/01


From: "Dom De Vitto" <dom@devitto.com>
To: <vuln-dev@securityfocus.com>, <SECURITY-BASICS@securityfocus.com>
Subject: RE: A code red that could bring down the net?
Date: Mon, 23 Jul 2001 22:36:23 +0100
Message-ID: <NDBBJOKICOHGIJLJDFEJOEOPDCAA.dom@devitto.com>

I think a guy called William 'T' Morris may have had this idea first.
Allegedly :-)

History. History. History.

Dom

-----Original Message-----
From: Jason Lewis [mailto:jlewis@packetnexus.com]
Sent: 23 July 2001 06:08
To: 'josh abulamhammedramashi'; vuln-dev@securityfocus.com;
SECURITY-BASICS@securityfocus.com
Subject: RE: A code red that could bring down the net?

The internet isn't a big hub. If I connect a machine with an IP that is
identical to yours, I don't knock you off the net. There is routing and
switching involved. If you change your IP to 192.168.1.1 (example IP), the
entire net needs to know how to get to your IP. Just changing it doesn't
make that happen. Changing IP's isn't a DDoS.

How about this instead? A worm that is not only windows, but also unix
based. It carries payload for each OS. It works similar to CodeRed and
replicates itself. It also installs a zombie client and creates backdoors.
Imagine a worm that wraps all the viruses in the 16 months into one. What
if it actively searched out victims while also using Outlook to propagate
itself.

BTW, I want the 5 minutes back that it took me to read that paper. I also
didn't cc Mark, he probably gets enough junk mail.

Jason Lewis
http://www.packetnexus.com
It's not secure "Because they told me it was secure".
The people at the other end of the link know less
about security than you do. And that's scary.

-----Original Message-----
From: josh abulamhammedramashi [mailto:whoredware@yahoo.com]
Sent: Sunday, July 22, 2001 10:42 PM
To: vuln-dev@securityfocus.com; SECURITY-BASICS@securityfocus.com
Cc: Marc Maiffret
Subject: A code red that could bring down the net?

I just wanted some input on this paper I wrote, It'd
be nice for some input and constructive critiscm. I'd
like to get this to eventually make the guest writer
section on security focus. You can view it at
http://www.whoredware.com/codered.html

thanks-
enigmabomb
enigmabomb@nyc2600.org

p.s. sorry about the cross posts, but this seems
pertinent to both.

__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/



Relevant Pages

  • RE: A code red that could bring down the net?
    ... History. ... It's not secure "Because they told me it was secure". ... section on security focus. ... Make international calls for as low as $.04/minute with Yahoo! ...
    (Security-Basics)
  • Re: HP pavilion preloaded spyware is sticky...
    ... analogon to encryption. ... history, genetic profile, familial history, political bent, magazine subscription history, insurance profile, educational records, criminal records...hell why not just let have access to your thoughts when the technology matures. ... This applies to physical scamming as well...it is all predicated on the myth that one can ascertain when one is being scammed and can take steps to alleviate it----the amygdala is the problem, it can allow us to feel secure if the sensory input is parsed in a manner leading to trust, or devoid of suspicion. ... But then nobody was really cogent of the problems endless user modifiable compatibility would bring. ...
    (comp.security.misc)
  • Re: Coming from XP
    ... and "clear history" choices in the UI do exactly that AFAICT. ... WTF is a "free space cleaner"? ... In ext3 (default Linux filesystem in most cases), ... I've never needed this "secure delete" capability. ...
    (comp.os.linux.misc)
  • Further to Documents in IE History
    ... Adware SE, found 4 dialers which I removed (comment when I originally ... and history and cleared 2.43MB from IE cache, 28 url's from IE history and ... In the end I feel more secure.. ... account number is still posted to IE history.. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: need to secure/spy on wireless guest...
    ... The shares I have set up are pretty much secure (i.e., ... weird reason they just don't work...something I'm troubleshooting at ... but he's a young Arab student for whom I have no history ...
    (microsoft.public.windowsxp.network_web)