On Tue, Aug 12, 2003 at 07:02:37PM +0200, Sebastian Niehaus wrote: > > And, of course, if MS started messing with the DNS entries for > > windowsupdate.com, it would be cutting an awful lot of users off from > > much needed updates. which could be as disturbing as the rest of the > > worm's effects... > > Could be a nice feature of a worm to modify the "hosts" file and > prevent infected maschines to do DNS lookups.
Interesting concept :) > Users typing "www.microsoft.com" into their browsers could be tricked > into downloading stuff from hostile servers and the "windows update" > could be disabeled easily. What if someone shutdowns the server ? I think a worm could be more efficient by disabling windowsupdate.com (ptr to 127.0.0.1), preventing users from patching easily their system. > This probably istn't a new concept, eh? I don't know. -- We are the knights who say echo '16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlbxq'|dc
pgp00000.pgp
Description: PGP signature
