Date: 6/12/00 10:14 AM
Received: 6/12/00 11:58 AM
From: Scott Shreve, mss@netsec.net
To: contact@hackernews.com
CC: Jerry, jph@netsec.net
Howdy all,
Just wanted to take a moment to respond to your top news article today.
Nobody at NetSec ever said the Trojan was new. We stated that several thousand infected clients were being utilized for DDOS's by two administered servers. As for this variant of SubSeven being incapable of performing a DDOS- that's incorrect.
Unless my definition of DDOS is skewed, I'm relatively sure that an installed agent capable of producing a focused burst of packets from 1 of many infected clients (at a single target) and at the whim of a single point of administration is the very definition of a DDOS. NetSec was not surmising that the trojan was "possibly" a tool that could be used to perform a DDOS, the event was logged and recorded this past week. I think that the majority of the infected clients (who are in the process of being informed as I write) will disagree with Frank's opinion.
While the media has performed to their regular standard of sowing the seeds of FUD, we have been guilty of nothing more than attempting to alert people to the fact that many hosts have been put in a position to unknowingly wreak mayhem. If we wanted press, NetSec would release the list of infected clients - THAT would make good press.
Nobody said there was a cutting edge new tool out there. We just found definitive evidence that several thousand machines fell victim to a slightly modified version of an old tool.
The binary has been torn apart and distributed to several sources in the vain attempt to perform a service to the community and avoid much of the mudslinging that is currently going on. If anybody bothered to watch the CBS morning show they would have seen us state on National TV that the trojan was a modified version of SubSeven and the focus of the threat was not the "scariness" of the tool- it was the size of the infected populace and the serious nature of SOME of the infected clients.
NetSec does its best to detect impending problems before they occur, not after a bunch of kids have inconvenienced the hell (as well as cost a lot of money) out of some .com they have a grudge against. That's our job, that's what we do.
I'd appreciate it if this response was posted. It's certainly not an attempt to start a debate, merely to set the record straight.
Have a nice day.
___________________________
M. Scott Shreve
Director of NSOC Technologies
NETSEC
703.561.0420