[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Re: The Code-Red Worm is attacking... GOD it's attacking.

Subject: [cobalt-security] Re: The Code-Red Worm is attacking... GOD it's attacking.
From: Chris Adams <cmadams@xxxxxxxxxx>
Date: Thu, 19 Jul 2001 23:29:30 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Once upon a time, Carrie Bartkowiak <ravencarrie@xxxxxxxx> said:
> And just wait until Microsoft puts out XP - if you're not up on that, 
> go to www.grc.com and read about it - full socket support; we're 
> doomed. (Thanks to David Lucas for showing me the GRC attack page and 
> M$ articles.)

FYI: Steve Gibson is pretty much off his rocker on this one.  For
example, spoofed packets would not have been useful in this attack,
because it is VERY difficult to do a complete TCP connection from a
spoofed IP (unless it is to an old IP stack that has weak sequence
numbers).  Only connectionless protocols like ping (ICMP echo) and DNS
(UDP) are typically vulnerable to spoofed packets.
-- 
Chris Adams <cmadams@xxxxxxxxxx>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

References:
- [cobalt-security] The Code-Red Worm is attacking... GOD it's attacking.
  - From: shimi
- Re: [cobalt-security] The Code-Red Worm is attacking... GOD it's attacking.
  - From: Carrie Bartkowiak

Prev by Date: Re: [cobalt-security] The Code-Red Worm is attacking... GOD it's attacking.
Next by Date: Re: [cobalt-security] The Code-Red Worm is attacking... GOD it's attacking.
Previous by thread: Re: [cobalt-security] The Code-Red Worm is attacking... GOD it's attacking.
Next by thread: Re: [cobalt-security] The Code-Red Worm is attacking... GOD it's attacking.

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index