|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Any dissasemblies of the Witty worm yet?
From: Nicholas Weaver (nweaver
CS.berkeley.edu)
Date: Sat Mar 20 2004 - 09:51:15 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Has anyone done a dissassembly of the "Witty" worm yet?
http://isc.incidents.org/diary.html?date=2004-03-20
http://securityresponse.symantec.com/avcenter/venc/data/w32.witty.worm.html
using the
http://seclists.org/lists/bugtraq/2004/Mar/0181.html
recent bug in BlackICE/RealSecure?
We are seeing a lot of activity from this worm, although even
a small infection would generate a LOT of traffic (a side-effect of
bandwidth-limited worms, such as single-packet UDP worms).
Thanks.
--
Nicholas C. Weaver nweavercs.berkeley.edu
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]