Re: SuperStorm Worm
On 6 Oct 2007 at 9:51, Robert Seeberger wrote: http://www.wired.com/politics/security/commentary/securitymatters/2007/10/securitymatters_1004 http://tinyurl.com/2xevsm The Storm worm first appeared at the beginning of the year, hiding in e-mail attachments with the subject line: 230 dead as storm batters Europe. Those who opened the attachment became infected, their computers joining an ever-growing botnet. snip Hmmm. Anyone seeing a few parallels with Curious Yellow from _Glasshouse_? Heh. Dawn Falcon ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: SuperStorm Worm
On Oct 6, 2007, at 8:57 AM, William T Goodall wrote: On 6 Oct 2007, at 15:51, Robert Seeberger wrote: http://www.wired.com/politics/security/commentary/securitymatters/ 2007/10/securitymatters_1004 http://tinyurl.com/2xevsm The Storm worm first appeared at the beginning of the year, hiding in e-mail attachments with the subject line: 230 dead as storm batters Europe. Those who opened the attachment became infected, their computers joining an ever-growing botnet. It vindicates what I've been saying all along: that Windows computers are simply too insecure to be allowed to be connected to the public networks. Microsoft's carelessness has cost the world untold billions. If I create an attractive nuisance on my property that causes harm, I am help responsible. Why not Microsoft? Of course, this worm depends on the idiocy of people who open attachments in emails from people they don't know. Those people should have their computers confiscated, the hard drives erased and Linux installed to be given to people who are worthy of them. Dave ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: SuperStorm Worm
Dave Land wrote: Of course, this worm depends on the idiocy of people who open attachments in emails from people they don't know. Those people should have their computers confiscated, the hard drives erased and Linux installed to be given to people who are worthy of them. I thought so some time ago. After using Linux for about 7 years, and knowing its vulnerabilities, I am glad that Linux is still a minority OS, such that evil virusmakers don't bother to attack Linux. Alberto Monteiro ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: SuperStorm Worm
On 7 Oct 2007, at 20:53, Alberto Vieira Ferreira Monteiro wrote: Dave Land wrote: Of course, this worm depends on the idiocy of people who open attachments in emails from people they don't know. Those people should have their computers confiscated, the hard drives erased and Linux installed to be given to people who are worthy of them. I thought so some time ago. After using Linux for about 7 years, and knowing its vulnerabilities, I am glad that Linux is still a minority OS, such that evil virusmakers don't bother to attack Linux. They do attack Linux servers because pwning a server is more valuable than a desktop machine. There are enormous numbers of attacks on servers attempting to use vulnerabilities in misconfigured systems as anyone who runs a server and looks at the logfiles can attest. Here's a few bad requests from the logs of a (BSD hosted) website I run. /phpmyadmin/main.php /pma/main.php /admin/main.php /admin/phpmyadmin/main.php /mysql/main.php /horde/readme /myadmin/main.php /phpmyadmin2/main.php /admin/phpmyadmin2/main.php /phpmychat/chat/messagesl.php3 /mysqladmin/main.php /webadmin/main.php /admin/myadmin/main.php /phpmyadmin-2.6.3-rc1/main.php /admin/sqladmin/main.php /scgi-bin/awstats/awstats.pl /admin/db/main.php /admin/php-my-admin/main.php /php-my-admin/main.php /admin/mysql/main.php /websql/main.php /admin/phpmyadmin-2.6.3-pl1/main.php /admin/phpmyadmin-2.2.6/main.php /phpmyadmin-2.6.3-pl1/main.php /phpmyadmin-2.2.6/main.php -- William T Goodall Mail : [EMAIL PROTECTED] Web : http://www.wtgab.demon.co.uk Blog : http://radio.weblogs.com/0111221/ The fact that an opinion has been widely held is no evidence whatever that it is not utterly absurd; indeed in view of the silliness of the majority of mankind, a widespread belief is more likely to be foolish than sensible. - Bertrand Russell ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: SuperStorm Worm
On 6 Oct 2007, at 15:51, Robert Seeberger wrote: http://www.wired.com/politics/security/commentary/securitymatters/ 2007/10/securitymatters_1004 http://tinyurl.com/2xevsm The Storm worm first appeared at the beginning of the year, hiding in e-mail attachments with the subject line: 230 dead as storm batters Europe. Those who opened the attachment became infected, their computers joining an ever-growing botnet. snip Oddly enough, Storm isn't doing much, so far, except gathering strength. Aside from continuing to infect other Windows machines and attacking particular sites that are attacking it, Storm has only been implicated in some pump-and-dump stock scams. There are rumors that Storm is leased out to other criminal groups. Other than that, nothing. Personally, I'm worried about what Storm's creators are planning for Phase II. By: Bruce Schneier ** *** Considering the bot-attack that recently isolated Estonia from the net for a good while, this probably deserves some attention and a lot of investigation into world criminal syndicates. It is not the loner-hacker who should be considered a threat. xponent Awareness Maru rob It vindicates what I've been saying all along: that Windows computers are simply too insecure to be allowed to be connected to the public networks. Right Again Maru -- William T Goodall Mail : [EMAIL PROTECTED] Web : http://www.wtgab.demon.co.uk Blog : http://radio.weblogs.com/0111221/ Our products just aren't engineered for security. - Brian Valentine, senior vice president in charge of Microsoft's Windows development team. ___ http://www.mccmedia.com/mailman/listinfo/brin-l