|
-
March 3rd, 2004, 11:40 PM
#11
I know Tiger Shark is a snort user but I was wondering if anyone used the rules I had developed for the original Novarg virus? I tried to develop them to still function even under virus mutations.
What really should trigger on all these viruses though are the UPX rules I posted here. All these current viruses are still using UPX to hide the exe. And like Ive said before UPX is BS, its made specifically for trojans and virus writers to hide there exe's. While the UPX's rules do generate some false positives it has been 100% effective in triggering on true UPX viruses.
That which does not kill me makes me stronger -- Friedrich Nietzche
-
March 4th, 2004, 02:40 AM
#12
Actually Angel, I gave your sigs to a one of our network engineers to try out. Called him today to see if he implemented them before the new beagle strain but he hasn't put them in place yet. I will let you know how they work when he gets them in. 
-Maestr0
Nice work BTW, send me a PM if you have any other interesting stuff laying about.
\"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier
-
March 4th, 2004, 08:37 PM
#13
W32.Netsky.G@mm
Well it looks like the next shot in this little virus writers war has just been fired. A new variant of the Netsky family has been spotted.
W32.Netsky.G@mm
Cheers:
-
March 4th, 2004, 09:13 PM
#14
An alphabet war?
Netsky is currently @ G... so 19 more varients to go?
MyDoom is currenty @ H... so 18 more varients to go?
Beagle is currently @ K... so 15 more varients to go?
Or, first to Z wins? Wonder what they "win"? What happens if they go past Z? Will they start all over again? W32.Netsky.AA.mm ? Anyone aware of any writer actaully creating that many varients? Am I asking too many questions? I think I need a vacation?
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
March 4th, 2004, 09:58 PM
#15
Well from a "number of hits perspective" the Beagle family is winning at my gateway. Netsky is coming in second and Mydoom a distant third.
Cheers:
-
March 5th, 2004, 06:32 PM
#16
W32.Netsky.H@mm
Another shot fired.
W32.Netsky.H@mm
Tag Beagle, your it.
Cheers:
-
March 5th, 2004, 08:04 PM
#17
These shots you are seeing fired are nothing compared to what is coming down the line. Most of these viruses (according to my underground sources) are nothing more than fact finding viruses. Some are being respun by kiddies but there is a much higher purpose to this than just pissing off admins and security folks.
These viruses are all part of the plan to see how fast a virus/worm/trojan can spread across the internet. The idea is to get the time down below 15 minutes because this is the timeframe that virus coders have determined as the fastest amount of time that an enterprise can respond to an attack.
And for the grand finale, get ready for the polymorphic virus. Yes, this is a theory at the moment but some of my industry insiders have told me that two major AV companies have already begun development (and have beta code already) to combat this not too distant threat.
To sum it up, if you think you're in pain now, just wait about 6 months to a year.
Remember where you heard this first.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
March 5th, 2004, 08:10 PM
#18
Thanks Hoss, that just made my day.......you got any good news for us. 
-
March 5th, 2004, 08:13 PM
#19
Yes, I just saved a bunch of money on my car insurance...
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
March 5th, 2004, 08:15 PM
#20
Originally posted here by thehorse13
Yes, I just saved a bunch of money on my car insurance...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
