Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: WMF Threat OK , but no huge attack ... WHY ?

from [Ward, Patrick James] Network Security [Permanent Link]
Subject: RE: WMF Threat OK , but no huge attack ... WHY ?
Date: Mon, 9 Jan 2006 15:46:29 -0800 
Well, it seems to me you are making a huge assumption here:  That not
much bad actually happened.  It has been my experience that when people
who know what they are doing set out to exploit a system, there is very
little, if any, evidence left.  Why do you assume that an attack (or
more likely, many attacks) did not occur that simply have not been
detected/observed?  

It is not difficult to create an exploit for this issue that is not
detectable via antivirus or IDS/IPS, and is also relatively easy to
create something that is very covert in what it does to avoid
observation.  And with the "me too" attention that this issue is
generating (i.e. the follow on WMF exploits posted today by cocoruder -
which are not addressed by MS06-001), I don't think that we have seen
the end of these WMF issues, not by a long shot.

Cheers,

Patrick 

-----Original Message-----
From: pejman.gohari@gmail.com [mailto:pejman.gohari@gmail.com] 
Sent: Monday, January 09, 2006 9:34 AM
To: incidents@securityfocus.com
Subject: WMF Threat OK , but no huge attack ... WHY ?

Hi,

The WMF threat was and continues to be important.
But I'm curious to know why we didn't observe any important attack on
Internet? 

WMF was a perfect Zero-Day attack and a scenario like the blackout of
Internet was possible ... but nothing ... or no important attack! 
No BOT virus deployed? No DOS worm attack? ... 

All hackers become white-hat? 
Or they attacked and we didn't see anything? 

Any hypothese / explanation ? 

Regards,
Pejman
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: WMF Threat OK , but no huge attack ... WHY ?, Valdis . Kletnieks
Next by Date:  constant flow of root queries, Brian Collins
Previous by Thread:  WMF Threat OK , but no huge attack ... WHY ?, k levinson
Next by Thread:  Dead thread: Why was there no WMF Internet Attack..., Daniel Hanson
Indexes:  [Date] [Thread] [Top] [All Lists]