SecurityFocus

Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:17AM
Umit Tiric (umitt softcom biz) (1 replies)

Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:35AM
Jay D. Dyson (jdyson treachery net) (1 replies)

RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 09:40PM
Jason Coombs (jasonc science org) (4 replies)

Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:59PM
Charles Miller (cmiller pastiche org)

Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:37PM
Colm MacCárthaigh (colmmacc Redbrick DCU IE) (1 replies)

RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:53PM
Jason Coombs (jasonc science org) (1 replies)

Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 26 2003 12:45AM
Colm MacCárthaigh (colmmacc Redbrick DCU IE)

RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:12PM
Jay D. Dyson (jdyson treachery net)

RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 25 2003 11:11PM
Richard M. Smith (rms computerbytesman com) (1 replies)

RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 26 2003 01:08AM
Brian McGrogan (brian encinc com) (2 replies)

The fact that the nations largest banking institution relies on the
Internet for ATM transactions is disturbing. I personally experienced
this while at a Bank of America ATM today. I will never use Bank of
America because of a statement like that.

-brian

On Sat, 25 Jan 2003, Richard M. Smith wrote:

> However, this worm might not be so harmless as it appears because of
> collateral damage:
>
> Bank of America ATMs Disrupted by Virus
>
> http://story.news.yahoo.com/news?tmpl=story&ncid=578&e=3&cid=569&u=/nm/2

> 0030125/tc_nm/tech_virus_dc
>
> "SEATTLE (Reuters) - Bank of America Corp. said on
> Saturday that customers at a majority of its 13,000
> automatic teller machines were unable to process
> customer transactions after a malicious computer worm
> nearly froze Internet traffic worldwide."
>
> Richard M. Smith
> http://www.ComputerBytesMan.com
>
> -----Original Message-----
> From: Jason Coombs [mailto:jasonc (at) science (dot) org [email concealed]]
> Sent: Saturday, January 25, 2003 4:41 PM
> To: Jay D. Dyson; Bugtraq
> Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
>
>
> Jay Dyson wrote:
> > And to think...up until tonight, I thought the vulnerabilities
> > that paved the way for Nimda were the worst that Microsoft could do
> > to the net.community. They've really topped themselves this time.
>
> As of now we don't know who wrote the worm, but we do know that it looks
> like a concept worm with no malicious payload. There is a good argument
> to
> be made in favor of such worms. Whomever did write this worm could have
> done
> severe damage beyond unfocused DDoS and chose not to do so. One would
> expect
> intelligence agencies in developed countries to write and release
> precisely
> this type of concept worm as a form of mass inoculation against
> malicious
> attacks.
>
> Before you get upset at your vendor, or anyone else's, consider the
> bigger
> picture and recognize the increased security hardening the Internet just
> received. Belief in this silver lining shouldn't be taken too far, of
> course, but flaming anyone over an event like this is misplaced
> considering
> the number of infosec experts who would probably have agreed to write
> this
> worm if approached by their nations' government with proof that an
> adversary
> was planning to cause severe harm by exploiting the W32/SQLSlammer
> vulnerability.
>
> Sincerely,
>
> Jason Coombs
> jasonc (at) science (dot) org [email concealed]
>
>

[ reply ]

Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 26 2003 12:48AM
Andrew Emerson (westy vividhosting com)

Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jan 26 2003 12:46AM
peloy chapus net (Eloy A Paris)