On Fri, 29 Jul 2005, Stephen Fulton wrote:
Petri Helenius wrote:
Fortunately destructive worms don't usually get too wide distribution because they don't survive long.
That assumes that the worm must "discover" exploitable hosts. What if those hosts have already been identified through other means previously? A nation, terrorist or criminal with the means could very well compile a relatively accurate database and use such a worm to attack specific targets, and those attacks need not be destructive/disruptive.
and why pray-tell would they bother with any of this complex 'remote exploit' crap when they can send a stream of 3mbps at any cisco and crunch it? as someone said before, the 'big deal' in the talk was: "Hey, IOS is just like everyother OS, it has heap/stack overflows that you can smash and get arbitrary code to run on."