OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: [Full-disclosure] Sasser or other nasty worm needed

From: Octal (octetstreamgmail.com)
Date: Mon Nov 27 2006 - 13:31:04 CST


Well if it's an air gapped network then there's no way to get patches unless
you carry them over on a disk. When I taught a class at a local university
we did a similar experiment on an unpatched air gapped network.

On 11/27/06, K F (lists) <kf_listsdigitalmunition.com> wrote:
>
> a douchebag?
>
> I dunno but why the hell aren't your boxes patched to Sasser yet?
>
> -KF
>
>
> deep fried wrote:
> > What am I
> >
> > Consultant?
> > School Teacher?
> > Terrorist?
> >
> >
> >
> >
> >
> > On 11/27/06, *K F (lists)* <kf_listsdigitalmunition.com
> > <mailto:kf_listsdigitalmunition.com>> wrote:
> >
> > Dude... settle the hell down.
> >
> > I see little problem with this guy doing this on a closed LAN in a
> > lab
> > setting. What part of CLOSED LAB did you miss? Its not like he is
> > intentionally letting it loose on the entire school LAN.
> >
> > -KF
> >
> > ericschermac.com <mailto:ericschermac.com> wrote:
> > > Chris -
> > >
> > > I don't know what to make of your "please reply off-list; I'm
> > not a member"
> > > comment.
> > > It's almost as ridiculous as what you are requesting.
> > >
> > > If I take your question at face value, you are an INSTRUCTOR,
> > not an Admin.
> > > That means you probably teach an A+ class, maybe an abbreviated
> CCNA
> > > program.
> > >
> > > You have NO FUCKING BUSINESS WHATSOEVER even THINKING about
> > turning loose a
> > > dangerous piece of Malware in someone else's network. And it IS
> > someone
> > > else's network; specifically it belongs to the district.
> > >
> > > Speak as a network engineer for a large midwestern
> > schooldistrict, if you
> > > did that in MY network, I'd have your job. GOD HELP YOU if it
> > turns out
> > > that you actually ARE a teacher in my district. I don't
> > recognize the name,
> > > but you can bet your ass that every time we have an infection in
> > one of our
> > > schools from now until the stars burn out; that I'll be making a
> > point of
> > > asking who the computer teachers are in that building.
> > >
> > > You want to teach these kids a lesson? Write it on the blackboard.
> > >
> > > We have enough work to do just keeping up with the kids, without
> > an alleged
> > > professional turning loose a worm in our network.
> > >
> > >
> > > =================================================
> > > I'm a high school network administration teacher
> > > looking for a creative means of teaching my students
> > > the importance of patch management. I was hoping to
> > > let a particularly nasty worm loose on a closed lab
> > > so my students could see what happens during an outbreak,
> > > but I'm running into a hitch - I can't find a worm that
> > > would spread quickly enough to be useful.
> > >
> > > Does anyone have a copy of Sasser or a similar worm
> > > that they would be willing to send or link me to?
> > > Please contact me off-list. I would be happy to
> > > verify my identity as a high school teacher off-list
> > > as I'm sure that is a concern for most anyone who has
> > > what I am looking for.
> > >
> > > Please do not reply on list as I am not currently a member.
> > > Thank you,
> > > Chris
> > > ============================================================
> > >
> > >
> --------------------------------------------------------------------
> > > mail2web - Check your email from the web at
> > > http://mail2web.com/ .
> > >
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > Hosted and sponsored by Secunia - http://secunia.com/
> > >
> > >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/