Re: Trying NT Hacks

[Kutulu]

From: "Peter Ong" <[EMAIL PROTECTED]>
Sent: Thursday, December 27, 2001 7:02 PM
Subject: Re: Trying NT Hacks


> Really...  I just wonder how they figure out the IPs, other than randomly
> guessing.  Someone did mention that, and I guess there really aren't that
> many IP addresses that a computer could randomly generate in a short
amount
> of time without covering the whole spectrum.

They are scanning.  Nimda doesn't just guess IP's, it  tries every single IP
in the entire subnet.  That is, if your IP address is 192.168.45.23 and you
are inftected, your machine will loop through trying to connect (and infect)
every IP address from 192.168.0.1 to 192.168.255.254. This can be quite
time-consuming (especially if many of those IP's are not online, or dropping
packets aimed at port 80 without sending a RST).  But the worm isn't really
concerned about the efficiency of the machine it infected, or the bandwidth
it's wasting, so it turns out to be quite an effective way to spread.

--K



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-stable" in the body of the message

Re: OpenSSH (?) version in FreeBSD -STABLE?

[Kutulu]

- Original Message -
From: "Kris Kennaway" <[EMAIL PROTECTED]>
To: "Kutulu" <[EMAIL PROTECTED]>
Cc: "Juha Saarinen" <[EMAIL PROTECTED]>; "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]>
Sent: Saturday, September 22, 2001 5:58 PM
Subject: Re: OpenSSH (?) version in FreeBSD -STABLE?

> The maintainer didn't merge the newer version
>  into -stable before 4.4-R.  -current has had the
> latest version for some time.

Thank you muchly.  I don't have enough local access to the machine to risk
keeping up with -CURRENT, but I do CVSup -STABLE nightly.  Any rough idea
when it'll make it in there?

--K


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-stable" in the body of the message