[82842] in North American Network Operators' Group
Re: Cisco IOS Exploit Cover Up
daemon@ATHENA.MIT.EDU (Stephen Fulton)
Fri Jul 29 19:58:32 2005
Date: Fri, 29 Jul 2005 19:58:10 -0400
From: Stephen Fulton <nanog@esoteric.ca>
To: nanog@merit.edu
In-Reply-To: <42EA92F3.50609@he.iki.fi>
Errors-To: owner-nanog@merit.edu
Petri Helenius wrote:
> Fortunately destructive worms don't usually get too wide distribution
> because they don't survive long.
That assumes that the worm must "discover" exploitable hosts. What if
those hosts have already been identified through other means previously?
A nation, terrorist or criminal with the means could very well
compile a relatively accurate database and use such a worm to attack
specific targets, and those attacks need not be destructive/disruptive.
-- Stephen.
