Domain: digitaloffense.net
Stories and comments across the archive that link to digitaloffense.net.
Comments · 8
-
Re:Confusing
yea - but i rather view errors and patchs and see that they are learning from their mistakes..
Adobe doesn't and it shows
MS learns and does well and has been doing a lot better this last decade.
but of all the bugs there are and have been my favorite for irony is
-
Re:Once again, kids
They claim that all the code is audited but the unrealIRCD trojan (only in the Loonix version but not the Windows LOL), debian OpenSSL fiasco and that huge Apache flaw that allowed administrator access, just to name a few, show that this is pure fantasy.
-
Re:::gasp::
sorry not just Closed source
http://www.debian.org/security/2008/dsa-1571
remember that gem???
http://digitaloffense.net/tools/debian-openssl/
"All SSL and SSH keys generated on Debian-based systems (Ubuntu, Kubuntu, etc) between September 2006 and May 13th, 2008 may be affected."
A good little write up.
Sorry but i have to say that these are both on par with each other.. both have very large and bad effects.
one is close source the other is open source.
I will give you that you see things like this far more often in closed source.. but just because it is open source does NOT make it more secure.
And before you mention that that bug was fixed - give MS the same window of time Debian did to clean it up (that includes fixing code - distributing code - and migrating data from old to new)
-
dissem and NOTES
A nice collection of data and NOTES.TXT here.
-
dissem and NOTES
A nice collection of data and NOTES.TXT here.
-
dissem and NOTES
A nice collection of data and NOTES.TXT here.
-
Some LinksReachability issues caused by the worm:
http://average.matrixnetsystems.com/Daily/markR.ht ml
http://mrtg.nac.net/switch9.oct.nac.net/3865/switc h9.oct.nac.net-3865.htmlThe advisory announcing the flaws:
http://www.nextgenss.com/advisories/mssql-udp.txt Various disassemblies and discussions: http://www.snafu.freedom.org/tmp/1434-probe.txt http://www.digitaloffense.net/worms/mssql_udp_worm / http://www.boredom.org/~cstone/worm-annotated.txtWriteups:
http://www.cnn.com/2003/TECH/internet/01/25/intern et.attack.ap/index.html
http://news.bbc.co.uk/2/hi/technology/2693925.stm
http://story.news.yahoo.com/news?tmpl=story&u=/ap/ 20030125/ap_wo_en_po/na_gen_internet_attack_2
http://bvlive01.iss.net/issEn/delivery/xforce/aler tdetail.jsp?oid=21824 -
Another look at the worm
From digitaloffense: A new worm which exploits a vulnerability in MS SQL Server is bringing the core routers to a grinding halt. The speed of the propagation can be attributed to the attack method and simplicity of the code. The worm sends a 376-byte UDP packet to port 1434 of each random target, each vulnerable system will immediately start propagating itself. Since UDP is connection-less, the worm is able to spread much more quickly than those using your standard TCP-based attack vectors (no connect timeouts). Some random screen shots and information about the worm can be found HERE.