On 18/08/2006, at 4:39 PM, Ian Clelland wrote:

>
> On 8/17/06, Ian Holsman <[EMAIL PROTECTED]> wrote:
>> this is how various worms spread in the past. they did a google
>> search for a specific 'feature'
>> and then with a known vulnerability in hand, they would attack that
>> site, put their worm on it, and repeat.
>
> Ian,
>
> Do you know of worms that would actually try to leverage a web service
> such as google, and interpret the results of that search?

http://www.viruslist.com/en/viruses/encyclopedia?virusid=68388

> I always
> assumed that all they would do is connect over port 80, and try to
> retrieve something like /admin/, or another platform-specific resource
> over http, and there's not much that excluding the URL through
> /robots.txt is going to do to stop that.

some did do that, but that it isn't very efficient, and gets noticed  
quickly.

>
> I'm actually curious though -- is there enough advantage to be had by
> parsing the HTML response of a google search, that malware writers
> would bother to write that, rather than just trying IPs at random?
>
>
> Getting more off-topic by the minute,
> Ian Clelland
> <[EMAIL PROTECTED]>
>
> >

--
Ian Holsman
[EMAIL PROTECTED]
http://car-chatter.com/ where car fanatics meet



--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users
-~----------~----~----~----~------~----~------~--~---

Reply via email to