[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Authorities eye MSBlaster suspect
- Subject: RE: [Full-Disclosure] Authorities eye MSBlaster suspect
- From: "Schmehl, Paul L" <pauls@utdallas.edu>
- Date: Fri, 29 Aug 2003 14:00:12 -0500
> -----Original Message-----
> From: Ben Nelson [mailto:lists@venom600.org]
> Sent: Friday, August 29, 2003 11:57 AM
> To: morning_wood
> Cc: full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] Authorities eye MSBlaster suspect
>
>
> You need to keep in mind that affected != infected. Many of
> us admins who don't even administrate a single windows box
> were affected by amount of bandwidth consumed by people who
> were infected. This thing effectively created a denial of
> service on many networks and any host trying to use that
> network (be it an infected windows box or one of my hundreds of unix
> boxes) was, at the very least, significantly slowed down.
Sobig did that as well. Even without a single infection on your
network, the support people were overwhelmed with phone calls and
emails, some mail servers collapsed under the load, technical staff
consumed time looking for workarounds and stopgap measures to keep the
stupid bounce and virus warning messages out. The cost is enormous,
even without being infected. And it affects every single user, whether
they were using Windows, *nix or Mac.
Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html