Re: Flash Worms

From: jaywhy (jaywhy2at_private)
Date: Sat Aug 18 2001 - 10:15:45 PDT


    It really wouldn't matter even if you only got to 20%, 10% or even 5% of the
    vulnerable hosts.  Those computers running a DDOS attack against anything
    would completely destroy it.
    
    According to Netcraft http://www.netcraft.co.uk/survey/ there are over 7
    million Apache web servers that are up.  Now if you found an exploit like
    the one Code Red exploited in Apache, even if you only got to 20% of the
    web servers with the payload, that's still a good million or so servers out
    there infected.  What if this worm happened to be really malicious and
    trashed web sites, deleted hard drives, or ran some sort of DDOS attack?
    Even spawn some kinda nuke program in the internal network hooked up to the
    web server.  Lord knows there is never a shortage of new nukes out for
    Windows flavors.
    
    Now I do doubt anyone who would release this would have access to an OC-12
    line to release the payload.  But that doesn't mean he/she couldn't hack
    into a site that does.  Or hack into multiple sites and release the payload
    from multiple sites at one time.
    
    We talk about this kinda attack now and don't believe it.  But someone
    wanting to prove you all wrong will do it, and it will probably happen; it
    just depends on when.
    
    
    -- 
    Jason Yates
    jaywhy2at_private
    
    
    
    



    This archive was generated by hypermail 2b30 : Sat Aug 18 2001 - 10:21:28 PDT