On Sat, 1 Feb 2003 15:03:50 +0100, Simon Marechal wrote:
>> Actually, that was what the worm author did. The algorithm generates new
>> numbers from the current (i.e. it has some sort of knowledge what hosts
>> have already been infected) plus a not-really-predictable component
>> (system time, II
On Fri, 31 Jan 2003 22:58:29 -0500 (EST), batz wrote:
>This seems important is because it shows that a high rate
>of saturation can be achieved among network nodes as
>effectively (if not more so) using random distribution, as by
>using a structured or hierarchical distribution strategy.
It mig
On Sun, 26 Jan 2003 13:50:40 -0500, Karl A. Krueger wrote:
>Pardon my delurk, but this is very strange worm behavior. We are seeing
>100 SQL Worms per second from a single IP address on Telstra. This is
>about 10k times the level of activity we are seeing from any other
>address.
>
>Anyone here
On Sat, 25 Jan 2003 14:22:19 -0500, Richard M. Smith wrote:
>At 376 bytes, is this new Sapphire worm the world's smallest computer
>worm? The only competition I can think of is the Morse worm. Anybody
>know how big it was?
I suspect the morse worm was bigger, therefor I'm prepared to offer a
fl
On Sat, 11 Jan 2003 10:13:17 -0800, Nick Jacobsen wrote:
>Now, the question is, HAS anyone mirrored it? would be nice if someone had,
>and was willing to share...
I've swiped all that Google had cached yesterday (exploit pages for
3180 vulnerabilties), and all the standalone exploit files symant
On Mon, 09 Dec 2002 18:57:35 +0200, Georgi Guninski wrote:
>Berend-Jan Wever wrote:
>> H...
>> ... isn't hiding your root password security through obscurity ?
>> ... isn't hiding your private PGP key security through obscurity ?
>> ... isn't 90% of security based on these kinds of obscurity ?
> Obviously the bugtraq moderators cannot see any issues with obfuscated URL's that
>look like
> http://www.ebay.com%252f%40evil.site.goes.here.
If your only post to bugtraq was the second one you posted here last
night I can understand entirely why it was rejected. There's many
people who read
>Ahhh - time to bust out the old Unicode tekniqz...
>
>http://www.ebay.com%25%32%46%40www%2emsn%2ecom/
>http://www.ebay.com%252f%40www%2emsn%2ecom/
>http://www.ebay.com%25%32%46%40%57%57%57%2e%4d%53%4e%2e%43%4f%4d/
Myth. It's not unicode, just URL encoded ISO-Latin. There is currently
no way to p
>This could be false. I had gotten some spam from them sayuing they charged my credit
>card
I think I should post this link before anyone else gets taken in by
this,
https://www.isc2.org/cgi-bin/content.cgi?page=173
- Blazde
___
Full-Disclosure - W