18 Dec
2007
18 Dec
'07
11:50 a.m.
On Tue, 18 Dec 2007 12:14:52 +0100 Iljitsch van Beijnum <iljitsch@muada.com> wrote:
I'd say that the huge address space makes life impossible for scanning worms.
Perhaps for random address scanning, but certainly not for scanning worms generally. In addition to the paper Steve Bellovin provided a link to, consider how many vulnerabilities are in the app compared to the stack and raw listeners these days. Miscreants know how to progamatically feed a list of search terms to the search engines and parse the results. There are a lot of vulnerable web apps out there and they are actively being scanned, tested and exploited. Plugging the words 'rfi' and 'scanner' into a search engine for further detail. John