|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Lack of Info (was Re: Impending (mydoom) DOS attack)
On Fri, 30 Jan 2004, Leo Bicknell wrote: > If anyone has any good analysis on the current worm (other than "it > attacks www.sco.com"), that would be welcome. Yep, the information gap is pretty big on this one. Neither the anti-virus vendors nor the ex-Symantec guy at Homeland Security seems to be releasing much details how the virus actually behaves on the network. Lots of information about changing Windows registries, but not much about how often it checks or loads the network. Some people say they've gotten it to do something in the lab, other people report its a dud. I can't tell what the difference is.
|