.:Computer Defense:.

Home > IT, Security > RPC DNS Worm

RPC DNS Worm

April 16th, 2007 Leave a comment Go to comments

Yesterday I questioned if we'd see a worm related to the RPC DNS Vuln...

Both McAfee (additional info) and ISC are reporting that we are.

According to the ISC the worm is only scanning port 1025... I question whether this was the displayed behavior or the worm is actually hard coded only to look at this port... It seems like poor design if it's only looking at port 1025.

If anyone has a sample of the worm, please let me know because I'd love to get ahold of it.

Categories: IT, Security Tags:

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

Comments (0) Trackbacks (1) Leave a comment Trackback

No comments yet.

April 17th, 2007 at 09:39 | #1

Nirbot’s Latest Move: MS DNS Exploits · Security to the Core | Arbor Networks Security Blog

What I learned this week… The DNS Vuln

RPC DNS Worm

Recent Posts

Categories

Blogroll

Archives

Meta