[Full-Disclosure] DCOM/RPC story (Analogy)
Ralf
ralfml at alfray.com
Mon Sep 1 00:16:30 BST 2003
madsaxon wrote:
> Assuming that he is, in fact, responsible. If I wanted
> to release a worm and blame someone else for it, the first thing
> I'd do is pick out some basically clueless kiddie who's been
Sure but then why wasn't the original version doing so?
Why limiting the target to one script kiddie and letting him have a
backdoor control over it?
Why contacting only one IP? Given the expected spread of the worm,
contacting one sole site would almost be similar to DDoSing yourself in
the foot.
What you suggest is almost as if someone steals a credit card and order
stons of stuff online and have it delivered at the card's owner home.
He/she sure would have a lot of trouble proving the bank it was
fraudulent, but then why would this be done but by someone who knows and
hates that person?
Yet it's all right. Tracing the original responsible person/group is
probably so much trouble that authorities will love having someone easy
to blame.
R/
Full-Disclosure is hosted and sponsored by Secunia.