[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: Windows Dcom Worm planned DDoS

To: martin f krafft <madduck@madduck.net>
Subject: Re: [Full-Disclosure] Re: Windows Dcom Worm planned DDoS
From: Sebastian Niehaus <killedbythoughts@mindcrime.net>
Date: 13 Aug 2003 08:59:48 +0200

martin f krafft <madduck@madduck.net> writes:
> also sprach Sebastian Niehaus <killedbythoughts@mindcrime.net>:

> > Could be a nice feature of a worm to modify the "hosts" file and
> > prevent infected maschines to do DNS lookups.
> 
> Unless you use a rooted host for that, it would reveal your
> identity. And if you use a rooted host, you run the risk of the worm
> failing if you loose control over the host.

So we need a daemon to fetch the "hosts" file from somwhere (IRC?)<w
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Windows Dcom Worm planned DDoS
  - From: Nick FitzGerald <nick@virus-l.demon.co.uk>
- Re: [Full-Disclosure] Windows Dcom Worm planned DDoS
  - From: Sebastian Niehaus <killedbythoughts@mindcrime.net>
- [Full-Disclosure] Re: Windows Dcom Worm planned DDoS
  - From: martin f krafft <madduck@madduck.net>

Prev by Date: [Full-Disclosure] PHP dlopen() -> Fun with apache (and other webservers)
Next by Date: Re: [Full-Disclosure] Windows Dcom Worm Killer
Prev by thread: [Full-Disclosure] Re: Windows Dcom Worm planned DDoS
Next by thread: Re: [Full-Disclosure] Windows Dcom Worm planned DDoS
Index(es):
- Date
- Thread