Full Disclosure: RE: MyDoom.b samples taken down

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

RE: MyDoom.b samples taken down

From: Steve Wray <steve.wray () paradise net nz>
Date: Mon, 02 Feb 2004 21:11:12 +1300

From: full-disclosure-admin () lists netsys com 
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
Bill Royds

[snip]

To amateur "virus researchers", unless you have a "Clean 
room" to test the virus (a completely isolated computer network with

the

ability to catch all possible traffic and machine state changes), you

have little

likelihood of finding something new before you re-infect the Internet

with

the virus.


I second that, and would like to add the phrase 'air gap'
:)

Its an important notion.

The ability of nasties to get from the clean room to machines
on your LAN or the internet should be limited to the capacitance
of thin air. No wires.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

Re: MyDoom.b samples taken down, (continued)
- RE: MyDoom.b samples taken down Brad Griffin (Feb 01)
- RE: MyDoom.b samples taken down first last (Feb 01)
  - RE: MyDoom.b samples taken down Bill Royds (Feb 01)
    - Re: MyDoom.b samples taken down Valdis . Kletnieks (Feb 01)
    - RE: MyDoom.b samples taken down Steve Wray (Feb 02)
    - RE: MyDoom.b samples taken down Steve Wray (Feb 02)
- RE: MyDoom.b samples taken down first last (Feb 01)
  - RE: MyDoom.b samples taken down Nick FitzGerald (Feb 01)
- RE: MyDoom.b samples taken down Dowling, Gabrielle (Feb 01)
  - RE: MyDoom.b samples taken down Todd Burroughs (Feb 02)