Date: Wed, 3 Mar 2004 16:15:39 +0000 (GMT) From: "Stephen J. Wilcox" <steve@telecomplete.co.uk> Sender: owner-nanog@merit.edu
Erm is it me or are the writers of Bagle and Netsky determined to keep morphing their code to outwit the virus scanners.. is this a new trend in virus writing - beat the systems by evolving your code quicker than the security firms can release updates?
new trend in that it started only a decade ago?
Perhaps I'm only following this as its affecting us more, but I dont recall a time previously when I've had so many viruses hitting us and getting thro our scanners with nothing we can do about it. I dont recall seeing viruses with variants as high as 'j' before, especially in the relatively short time since the previous variants were out
Seriously, drop some references if I'm off-track.. its just my perception and I'm not an expert at all with viruses...
They are getting batter at it, but the WANK worm (1989) used self-modifying code so that no two replicas were the same. (Note: This worm only infected VMS systems running on the global DECNET internet, mostly DOE, NASA, and DEC corporate systems.) -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634