Or how about putting some expletives in the name and watch the media try to say it. The name change IS irrelevant : Although the most widespread worm in while, it is also very LOUD. other virii may slow your computer down ect, while this one makes a never ending cycle of computer restarts as long as an unpatched computer is on the internet, making it OBVIOUS that its infected. The media, emails, and IM services smothered this worm in only a couple days. The effectiveness of this worm after a week or two as well as the exploit will be 0%. The designer would have been better off using the second DoS exploit that microsoft has no patch for than wasting our time with this one. Of course a 5 year old probably made this worm because it took the code straight from dcom.c and uses the port 4444 bindshell. Not only is it buggy(restarts), its SLOW. Congrats to the designer for the sloppiest, untested(or just plain stupid for allowing restarts), and not well though out worm in history. "oo im gonna DDoS windowsupdate.com so nobody can download the patch!" <- this led me to believe that the author is a 5 year old since the patch could be moved to, or already is at, a different server. Not an actual quote however :P --- John Sage <jsageat_private> wrote: > You can call it foo.exe or bar.exe and if it does > absolutely the same > thing, the name change is irrelevant... > > ...except to set off those self-serving companies > who are trying to > get some press out of all this: > __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Wed Aug 13 2003 - 15:37:03 PDT