[27126] in bugtraq
Re: Linux Slapper Worm
daemon@ATHENA.MIT.EDU (Charles Stevenson)
Thu Sep 19 17:55:20 2002
Message-ID: <3D8A4039.3030705@bokeoa.com>
Date: Thu, 19 Sep 2002 15:23:05 -0600
From: Charles Stevenson <core@bokeoa.com>
Reply-To: core@bokeoa.com
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
This method of security through obscurity will not prevent another
hacker from chaning the worm to use one of the modified versions of the
exploit which supports brute forcing. Nor does it trick Solar Eclipse's
scanner which actually overflows and checks to see if the server
response contains our data. All you did was waste your time. :)
peace,
core
--
Charles Stevenson (core) <core@bokeoa.com>
Lab Assistant, College of Eastern Utah San Juan Campus
http://www.bokeoa.com/~core/core.asc
