|
|
ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #057 [Disassembled virus?] (1 message, 610 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/057.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: bzs@bu-cs.BU.EDU (Barry Shein)
To: phage
Date: Sat 16:31:32 05/11/1988 EST
Subject: Disassembled virus?
References:
[Thread Prev: 054]
[Thread Next: 059]
[Message Prev: 056]
[Message Next: 055]
I agree with Doug Comer. Was there *really* anything in there that was terribly sophisticated? I don't think so from what I've seen of it (we had some of it at Encore late Friday.) Let's face it, 99.9% of the virus was the hole in sendmail, he (or anyone else) could have done *anything* with that, "rm -rf /" after re-propagating wouldn't take much genius although more nefarious things are possible. Exploiting .rhosts is not exactly the stuff of rocket scientists (apologies to JPL :-) I say publish it for the curious though I would agree to wait until more discussion occurs, there's certainly no rush. -Barry Shein, ||Encore||
END OF DOCUMENT
| ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved. |