On Sat, 26 Jul 2003 23:49:05 PDT, "Steve W. Manzuik" said:

> A worm exploiting this might happen, but is it really that big of a deal?

Compare the number of boxes that have the bug Slapper exploited with the number of boxes that have DCOM open to the world....

When I hear that a worm's finally been spotted, I'm yanking my laptop off the net and going home - and it's a Linux box. I'm just expecting to not get any useful connectivity for a while.

And of course, anybody who's got half a clue and writes a worm is going to have it drop off a trojan/backdoor... And then those boxes get used as spam relays, front-end boxes for porn websites, keyboard sniffers, etc etc. Gonna take a LONG time to clean that mess up. Hell, we're *still* seeing Code Red traffic.

And what we've *NOT* seen in the last 2 years is a CERT advisory of this magnitude against a Microsoft product that didn't spawn a "Holy Shit" scale worm.

Unfortunately, we've gotten so lulled by the "Just another damned worm" scenario that maybe it's NOT a big deal anymore. And that's just as scary as the actual worm.
