Suspected 'sasser' virus writer arrested
-
German Teen Confesses to Creating Sasser Computer Worm
cheers, Chris Maunder
-
German newsticker c't is reporting that German police arrested the 'Phatbot' programmer yesterday too. (For those who read German: http://www.heise.de/newsticker/meldung/47209) Too bad a German judge can't make those sickos stay away from computers for the rest of their lives...
dirk
-
His nuts should be removed. :)
No matter how many times you take a dump, you can never accumulate more than your mother. West African proverb (a favorite of my mother).
-
Teen 'confesses' to Sasser worm (BBC):
VICTIMS OF SASSER
Hospitals in Hong Kong
Taiwanese post offices
British Airways check-in desks
British coastguards
Railways in Australia
thank God .. I'm not among them ;P
-
Unlike most outbreaks, it does not require a computer user to open a file in order to be activated - it can invade a machine directly via the internet.
How does it do this?
-
Find an open port that the firewall lets through (if there is even a firewall) and inject something bad into an existing service that happens to use the open port. The SQL Slammer worked in this way - that virus would look for SQL Servers that are exposed on a network and inject its code as a buffer overflow which will then be run and the machine is infected. The fix is securing the code that allowed its buffer to overflow into adjacent data. There is talk of Intel chips in the future being able to mark memory as data or executable code so that if a buffer overflow occurred the executable code of the virus would be injected into a data section, which the processor would refuse to run.
"You can have everything in life you want if you will just help enough other people get what they want." --Zig Ziglar Coming soon: The Second EuroCPian Event
-
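The point made above, that the fix is a length check in the code that copies input into a fixed buffer, shown as an added C example (not part of any post in this thread). The `request` record, its field names and the 20-byte input are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed record: a fixed-size field with other data directly behind it. */
struct request {
    char     name[16];   /* filled from network input */
    uint32_t is_admin;   /* the adjacent data */
};

/* Unchecked: the sender's length is trusted. The copy goes through a byte
 * pointer to the whole record so the overrun stays inside the struct. */
static void parse_unchecked(struct request *r, const uint8_t *pkt, size_t len) {
    uint8_t *dst = (uint8_t *)r + offsetof(struct request, name);
    memcpy(dst, pkt, len);               /* len > 16 spills into is_admin */
}

/* Checked: reject input that does not fit, always NUL-terminate. */
static int parse_checked(struct request *r, const uint8_t *pkt, size_t len) {
    if (pkt == NULL || len >= sizeof r->name)
        return -1;
    memcpy(r->name, pkt, len);
    r->name[len] = '\0';
    return 0;
}

/* Constructed oversized input: 16 name bytes plus 4 extra bytes of 0x01. */
static void make_oversized(uint8_t pkt[20]) {
    memset(pkt, 'A', 16);
    memset(pkt + 16, 0x01, 4);
}

uint32_t demo_unchecked(void) {
    struct request r = {0};
    uint8_t pkt[20];
    make_oversized(pkt);
    parse_unchecked(&r, pkt, sizeof pkt);
    return r.is_admin;                   /* overwritten by the input */
}

/* Returns 1 if the checked copy rejected the input and is_admin is intact. */
int demo_checked(void) {
    struct request r = {0};
    uint8_t pkt[20];
    make_oversized(pkt);
    return parse_checked(&r, pkt, sizeof pkt) == -1 && r.is_admin == 0;
}

int main(void) { return !(demo_unchecked() != 0 && demo_checked()); }
```
-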
The way the Sasser "worm" (not virus) works is that it generates random IP addresses, then tries to connect to them on port 9996, then it sends shellcode which causes LSASS to go retrieve the worm off the relaying infected computer's FTP server. Then LSASS downloads the file, then executes it. If you are not patched this virus can get in and the user doesn't even have to open anything. You would think Microsoft would do a little debugging to stop this thing from happening but apparently not. Trust me, more holes in the OS will be found and this is just the beginning of these worms like Blaster and Sasser.
-Ryan M.
-
Colin Angus Mackay wrote: There is talk of Intel chips in the future being able to mark memory as data or executable code so that if a buffer overflow occurred the executable code of the virus would be injected into a data section, which the processor would refuse to run.
Sounds like a long overdue change.
-
New version of Sasser undermines lone coder theory
Sigh...
-- A quandary is a camel with 4 humps.