[Dshield] LoveSan worm - I need a copy of it.
lists at webcrunchers.com
Wed Aug 13 20:24:13 GMT 2003
Do you know where I can find a copy of the LoveSan virus (worm) in binary.?
I've been asked to analyse it, so I can write a snort rule for it.
does it use UDP or TCPIP.... and where can I find info on it, or results of
earlier analysis of it.
I'm also looing for a good intel dis-assembler, one written in C and can run on UNIX machines or Mac OS-9, or OS-10.
I hear they exist, but initial web searches haven't come up with anything yet.
Figured I would ask here first, before spending a long time on a fruitless search.
if someone already wrote a snort rule for it, I would really like to get it installed in our IDS system as soon as possible for some of our customers.
I've already checked the Snort web site, nothing was there, unless they added it to their library and didn't mention it.
More information about the list