Worm bait?
gboyce at buddha.badbelly.com
gboyce at buddha.badbelly.com
Wed Aug 20 15:30:01 EDT 2003
On Wed, 20 Aug 2003, Derek Martin wrote:
> On Wed, Aug 20, 2003 at 11:14:07AM -0400, Jerry Feldman wrote:
> > Derek,
> > While I agree that Outlook and Outlook Express is crap, but I disagree
> > with your premise. The reason that "Outlook is so aggressively targeted"
> > is that it is the most widely installed email program. If Eudora Pro had
> > as wide a distribution as the Outlook family, it would be targeted.
> > Additionally, the W32.Sobig.F at mm does not target Outlook. If actually
> > looks for email addresses in files.
>
> This theory does nothing to explain why IIS is the most attacked web
> server. It is NOT the most widely installed web server. I conclude
> that there is something else at work here.
Perhaps it makes more sense if you think of it in a Product/OS
combination. Compare the number of IIS on Windows servers versus Apache on
Solaris, Apache on Redhat, Apache on Debian, Apache on IRIX, etc.
Even if Apache had a published vulnerability, writing a worm that works
effectively on any system that Apache runs on it is a lot more difficult
than writing for one specific system type. Even with different linux
distributions you're going to end up with programs in different
locations and various other small incompatabilities.
--
Greg
More information about the Discuss
mailing list