DPRG
DPRG List  



[DPRG] More virus attacks

Subject: [DPRG] More virus attacks
From: R. Steven Rainwater srainwater at ncc.com
Date: Wed Jan 28 15:08:02 CST 2004

On Wed, 2004-01-28 at 14:29, Jeff Koenig wrote:
> I thought the DDOS attack was supposed to start on the
> first of February. Is this true?

It's hard to tell. SCO's servers has been under real or imagined attacks
>from various sources off and on for months. And they get slashdotted a
couple of times a week too, making it hard to tell which (if any)
attacks are real.

The CERT warning says the virus will "possibly" execute a DDoS attack
against "a specific website" begining on February 1, 2004.

 http://www.cert.org/incident_notes/IN-2004-01.html

There are lots of users with misconfigured computers and Feb 1 is only a
few days away, so some installations may be attacking early.

But there are several posts on Bugtraq saying the virus immediately
begins sending bursts of 63 repeated HTTP requests to the SCO web server
after the user installs it on their computer. One of the Bugtraq users
also notes, "it's so sad when a thief (of services) decides to attack a
blackmailer"... ;-)

-Steve


More information about the DPRG mailing list