http://news.findlaw.com/nytimes/docs/cyberlaw/usparson82803cmp.pdf
Great link.
Items of particular interest:
Page 9, lines 6-8: "Since dl.t33kid.com is a copy of www.t33kid.com, it also can be used to capture IP addresses of compromised computers."
Isn't that reaching a bit, since the worm doesn't apparently know about dl.t33kid.com?
Page 10, lines 10-11: "Microsoft expended significant internal and external (e.g., contracted) resources to respond to the DDos attack launched by JEFFREY LEE PARSON."
Page 6, lines 12-14: "Within three days, Blaster had infected an estimated one hundred thousand to two hundred thousand computers. By August 15, 2003, estimates were as high as more than one million infected computers."
Page 16, lines 16-18: "...at least 7,000 individual Internet users' computers were compromised by the variant of the Blaster worm that was released by JEFFREY LEE PARSON."
So, it sounds like he's responsible for 7,000 out of 100,000 to 1,000,000 infected computers. Unfortunately for him, he's the one stupid enough to use his handle in the code, so he's the one that shows up on CNN as the culprit for everything.
While I do not wish to give the impression that I condone or mitigate the damage done by Parson's variant, I suspect he's going to get held responsible for the overall worm while interest in finding the original culprits wanes.
--
gowen -- Greg Owen -- [EMAIL PROTECTED]
79A7 4063 96B6 9974 86CA 3BEF 521C 860F 5A93 D66D_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
