RE: CRIME SQLSlammer Worm

From: IWS Newsfeed (newsfeed@private)
Date: Tue Jan 28 2003 - 07:36:11 PST

  • Next message: Elaine Scheller: "CRIME MSFT Paybacks"

    I though there was a standard convention on naming virii and worms, but
    unfortunately anti virus companies seem not to follow it.
    
    See CARO virus naming convention.
    
    What'd you call that virus?
    http://www.zdnet.com/products/stories/reviews/0,4161,2705199,00.html 
    
    WEN
    
    
    ------------------------------------------------------------------------
    'Information is the currency of victory on the battlefield.'
    GEN Gordon Sullivan, CSA (1993)
    ------------------------------------------------------------------------
    
    Wanja Eric Naef
    Principal Researcher
    IWS - The Information Warfare Site
    http://www.iwar.org.uk
    
    ------------------------------------------------------------------------
    Join the IWS Infocon Mailing List @
    http://www.iwar.org.uk/general/mailinglist.htm
    ------------------------------------------------------------------------
    
    
    
    -----Original Message-----
    From: owner-crime@private [mailto:owner-crime@private] On Behalf
    Of Polowski, Mike
    Sent: 28 January 2003 07:32
    To: 'tobyhush@private'; crime@private
    Subject: RE: CRIME SQLSlammer Worm
    
    At least eEye gave out better props.  Their email was also dated
    about 5:04 am 1-25 a full day earlier than the ISS one.
    
    Later,
    	jMp
    
    -----Original Message-----
    From: tobyhush@private [mailto:tobyhush@private] 
    Sent: Monday, January 27, 2003 9:53 PM
    To: crime@private; aplato@private
    Subject: Re: CRIME SQLSlammer Worm
    
    
    
    -----BEGIN PGP SIGNED MESSAGE-----
    
    Actually,
    I'm pretty sure eEye saw it and named it first. They at least had the
    first
    public analysis of it that I saw...
    Saphire sounds better anyway.
    ;)
    
    t
    
    On Mon, 27 Jan 2003 19:05:34 -0800 Andrew Plato <aplato@private>
    wrote:
    >Anybody else notice the interesting little war going on with this
    >worm. I believe ISS was the first to report the worm and they named
    >it SQL Slammer.
    >
    >But then other companies jumped on it and gave in their own name.
    >
    >
    >So now the worm has like 12 different names. ISS calles it SQL
    >Slammer, eEye and F-Secure call it Sapphire, Symantec calls it
    >SQLexp, and Kaspersky labes calls it Helkern, and Trend Micro has
    >the
    >most elegant name SQLP1434.A (which sounds more like an asteroid
    >then
    >a worm).
    >
    >I kind of liked Slammer - seeing as how it did slam the Internet
    >pretty hard. Sapphire sounds like a porn star and Helkern sounds
    >like
    >a German beer.
    >
    >Seems kinda petty to me, but when have security firms been above
    >pettiness?
    >
    >___________________________________
    >Andrew Plato, CISSP
    >President / Principal Consultant
    >Anitian Corporation
    >
    >503-644-5656 Office
    >503-644-8574 Fax
    >503-201-0821 Mobile
    >www.anitian.com
    >___________________________________
    >
    -----BEGIN PGP SIGNATURE-----
    Version: Hush 2.2 (Java)
    Note: This signature can be verified at https://www.hushtools.com/verify
    
    wl0EARECAB0FAj42GskWHHRvYnlodXNoQGh1c2htYWlsLmNvbQAKCRCCZA+ELDMXIF9r
    AKCzI9lHAemv/4MLEvNEqm0RYgw7OwCeIkaHC6yO9zzIsuSzp6a+zWSWUT8=
    =j8PO
    -----END PGP SIGNATURE-----
    
    
    
    
    Concerned about your privacy? Follow this link to get
    FREE encrypted email: https://www.hushmail.com/?l=2 
    
    Big $$$ to be made with the HushMail Affiliate Program: 
    https://www.hushmail.com/about.php?subloc=affiliate&l=427
    



    This archive was generated by hypermail 2b30 : Tue Jan 28 2003 - 08:21:08 PST