Lack of Info (was Re: Impending (mydoom) DOS attack)

• Previous message (by thread): Impending (mydoom) DOS attack
• Next message (by thread): Impending (mydoom) DOS attack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 30 Jan 2004, Leo Bicknell wrote:
> If anyone has any good analysis on the current worm (other than "it
> attacks www.sco.com"), that would be welcome.

Yep, the information gap is pretty big on this one.  Neither the
anti-virus vendors nor the ex-Symantec guy at Homeland Security
seems to be releasing much details how the virus actually behaves
on the network.  Lots of information about changing Windows
registries, but not much about how often it checks or loads
the network.

Some people say they've gotten it to do something in the lab, other
people report its a dud.  I can't tell what the difference is.

• Previous message (by thread): Impending (mydoom) DOS attack
• Next message (by thread): Impending (mydoom) DOS attack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]