How about setting it to 2359 8/15 and letting it roll over? Matt -----Original Message----- From: Sekurity Wizard [mailto:s.wizardat_private] Sent: Wednesday, August 13, 2003 3:03 PM To: incidentsat_private Subject: msblast.exe --> DDoS against windowsupdate.com (research) Hi all, Thought I'd do some research into this little hypothesis we've all been seeing, what will happen on the 16th!? Well, I've set up a named server (logging ALL queries into it) and an infected Win2k box (ran msblast.exe on it) into the same hub...and then set the date to the 16th......much to my surprise, NOTHING happened. Literally, nothing. No scanning for port 135, no DNS storms, no DDoS packets - nothing...what did I do wrong or...what does this mean? ./Wiz --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Aug 13 2003 - 19:45:27 PDT