Home page logo

nanog logo nanog mailing list archives

Blackworm hunbers [Was: Re: Martin Hannigan]
From: "Fergie" <fergdawg () netzero net>
Date: Wed, 25 Jan 2006 22:31:35 GMT

Well, let's hope we can watch the Super Bowl in peace -- I'm
turning my pager & cell phone off anyways. :-)

In any event, as Alex Eckelberry writes over on the Sunbelt
Software blog, "...we’re now seeing infestations for the
Blackworm worm (aka KamaSutra) getting close to 2 million.

"Yesterday it was at close to 700k. 

"Of course, it’s possible that this URL has gotten out to
the public, which would increase the count (simply hitting
the website increments the count by one).  However, to my
knowledge, this URL is only known in the security community.

"Remember that this worm has a very destructive payload. Even
if you discount the number here, you’re still looking at a
significant number of people who will suffer potentially
devastating data loss."

I couldn't agree more.


- ferg

ps. http://sunbeltblog.blogspot.com/2006/01/blackworm-worm-over-18-million.html

-- Martin Hannigan <hannigan () world std com> wrote:

Further, our reports lead to a SANS ISC temporary URL's for each AS.

The last time SANS felt something was so serious they needed all
of NANOG to dance, they came out and said so. That's their handlers
diary. I read it. A lot of people read it. It's well balanced and 
usually on target. Just like that. It's not alarmist. It seems 
fairly certain that as long as Symantec et. al. do their thing, we
will be able to watch the superbowl in peace.


"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]