ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #057 [Disassembled virus?] (1 message, 610 bytes)
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: bzs@bu-cs.BU.EDU (Barry Shein)
Date: Sat 16:31:32 05/11/1988 EST
Subject: Disassembled virus?
References: [Thread Prev: 054] [Thread Next: 059] [Message Prev: 056] [Message Next: 055]
I agree with Doug Comer. Was there *really* anything in there that was terribly sophisticated? I don't think so from what I've seen of it (we had some of it at Encore late Friday.) Let's face it, 99.9% of the virus was the hole in sendmail, he (or anyone else) could have done *anything* with that, "rm -rf /" after re-propagating wouldn't take much genius although more nefarious things are possible. Exploiting .rhosts is not exactly the stuff of rocket scientists (apologies to JPL :-) I say publish it for the curious though I would agree to wait until more discussion occurs, there's certainly no rush. -Barry Shein, ||Encore||
END OF DOCUMENT
|ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved.|