[unisog] Blaster DDOS potential

Tracey Losco tracey at nyu.edu
Thu Aug 14 15:50:12 GMT 2003


Hey there,

Does anyone have the actual code where we can see the call for the 
DDoS?  I haven't been able to get my hands on a copy of the program 
so that I could run strings against it...

Thanks in advance,

Tracey

At 10:16 AM -0400 8/14/03, Ed Gibson wrote:
>Hello everyone
>
>This mornings discussions around the water fountain brought forth
>concern about excessive DDOS traffic being thrown outbound this weekend.
>Trendmicros overview of the virus indicates that it is coded to through
>DDOS at windowsupdate.com starting on August 16th. i.e. After midnight
>Friday.... Obviously something we don't want ot spend our weekend
>reacting to. While were cornering as best we can, the remaining Blasters
>were entertaining the idea of hijacking the DNS entry for
>windowsupdate.com and pointing it towards a bit bucket at least until
>Monday morning.
>
>Thoughts/comments?
>
>Ed Gibson
>University of Western Ontario
>Network Operations


-- 
--------------------------------------------------------------------
Tracey Losco
Network Security Analyst		security at nyu.edu
ITS - Network Services		http://www.nyu.edu/its/security
New York University			(212) 998 - 3433

PGP Fingerprint: 8FFB FE47 6156 7BF0  B19E 462B 9DFE 51F5



More information about the unisog mailing list