
Thread: sasser.a suspect caught

  1. #21
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    These people may be causing damage, but at least it's not human life, it's a cyber war to see who can cause the most damage.
    For now...but crippling information transfer could result in loss of human life.

  2. #22
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    The problem with these "hacking groups" is that they consist of the most immoral, misguided, and overall overconfident people I can think of. Are they smart? Yes, sometimes frighteningly so. Are they capable? Yes again...

    SHOULD THEY ALREADY KNOW WHAT THEY COULD BE RELEASING INTO THE FREAKING WILD WITH THEIR CHILDISH HIGHSCHOOL-ESQUE BACK AND FORTH PROGRAMS?!?!?!

    Once again, YES. Give me a break. "I didn't know what kind of damage nor to what extent it would be..." should be met with "Should've thought about that, 20 years without parole, no chance to ever sit behind a keyboard again". IT staff EVERYWHERE has had to work TRIPLE TIME (keep in mind, 90% or more of us are salary so guess what, no OT for us!) to keep these idiots out of our networks because of two failings:

    1: any known exploit that's abused in any Windows environment

    coupled with

    2: end users who aren't educated in preventing these things through regular measures of updating Windows, running updated antivirus scans, etc...

    Knowledge is power and yes, these and others could've done something different and better but I have no sympathy because you know they know that everyone will read their back and forth banter and for all we know, they're all one big group laughing at all of us thinking they're two warring factions in cyber-crime.

    Throw them under the jail and get rid of the key, if you ask me. IMHO, of course, hehe...
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  3. #23
    AO's Resident Redneck The Texan's Avatar
    Join Date
    Aug 2003
    Location
    Texas
    Posts
    1,539
    They said before he was caught he might have released another version of Sasser....
    Git R Dun - Ty
    A tribe is wanted

  4. #24
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,024
    SHOULD THEY ALREADY KNOW WHAT THEY COULD BE RELEASING INTO THE FREAKING WILD WITH THEIR CHILDISH HIGHSCHOOL-ESQUE BACK AND FORTH PROGRAMS?!?!?!
    Hey, watch the high school dissing, some of us are still there ...

    But, I am not at their maturity level thankfully.

  5. #25
    Senior Member
    Join Date
    Jan 2003
    Posts
    1,499
    If eEye kept the code private and worked with Microsoft on a private professional basis the internet users wouldn't have had to cope with this and Microsoft could have renounced it in their next hotfix, users are patched, damage would have been minimal if any
    Prodikal, I think it's more likely that the virus was a direct result of someone decompiling the patch to find out what exploit it was fixing.

    Just a theory. I know I rip these patches to bits every time I get them to see what they are changing.

  6. #26
    AO Part Timer
    Join Date
    Feb 2003
    Posts
    331
    Original link

    but is expected to slow down as computer users download anti-virus patches.
    Correct me if I am wrong here, but couldn't this have been avoided if the MS patch was installed in the first place?

    2 cents
    Your heart was talking, not your mind.
    -Tiger Shark

  7. #27
    Senior Member
    Join Date
    Jan 2003
    Posts
    1,499
    Valid 2 cents Dopey. The patch was out before the virus this time.

  8. #28
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050
    Mark: The patch was released
    Issued: April 13, 2004
    Updated: May 4, 2004
    Source


    the earliest POC was

    04.24.2004
    then a universal exploit was released on

    04.29.2004
    Source
    then the virus appeared on the scene

    The Sasser Internet worm first appeared April 30
    Source

    Is 11 days really that long to patch millions of users worldwide? I think the exploit framework was probably done with the first POC that was released, and when the second was released it was twice more damage. Think about when the universal exploit and when the worm appeared: so in 16 days of a patch and advisory being released there was a very malicious worm out in the wild. I ask you, is 16 days really enough to prevent something like this happening? They should have kept the code under wraps for at least 2 months; 2 months is a decent wait for the vx scene. Then after 2 months the worm wouldn't have that much to exploit. There still would be vulnerable computers out there; there still are vulnerable DCOM hosts from the first exploit that was released. But the Sasser worm causes the computer to reboot, so users would think there is something seriously wrong, take it to be fixed, and the problem would be solved. So those computers are going to be cleaned of the virus, unless the user is really stupid or just ignorant. So I think this will be an easy cleanup, but still something that could have been prevented.
    By the sacred **** of the sacred psychedelic tibetan yeti ....We'll smoke the chinese out
    The 20th century pharaohs have the slaves demanding work
    http://muaythaiscotland.com/

  9. #29
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Is 11 days really that long to patch millions of users worldwide?
    What would have happened if all the millions of users worldwide had been firewalled in the first place..... Not much really...... The vulnerable "default on" services would have been protected by it.....

    I, for one, am looking forward to XP SP2.
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  10. #30
    Senior Member
    Join Date
    Mar 2004
    Posts
    139

    Keeping a known vulnerability under wraps, especially one that has been discovered by an outside party, might be very difficult for MS to do. They are caught between a rock and a hard place. Consider a leak before a patch has been issued. MS may open itself to litigation. It may just pierce their legal defense, by virtue of not showing due diligence, and could set a precedent for other legal action. In their risk management, they must feel compelled to act ASAP on known exploits.

    With as many patches and hotfixes that have been issued in the past, it is beyond my understanding why individual users and especially admins fail to update their systems in a timely manner. I am aware that patches can affect the functionality of operating systems, requiring more work of admins by testing the patch, but hey, that is why there are admins.

    The grass is always greener on the other side of the fence.
