Sorry guys, I'm very interested in knowing what is happening out here, and worms are a very interesting topic... any starting point? Thanks!
tibbar
Feb 6 2004, 02:43 PM
I don't think you will find any info on 0day worms / virii.
If you are interested in this (why?), then you will need to join a virii group on IRC, and help out there until you get on one of the teams.
It depends why you are interested in them... and if you are prepared to get involved in building / testing illegal code.
Personally, I have a strong dislike for worms, as they cause huge financial damage to businesses, and simply make M$ patch holes that could be used for other purposes...
liquidSilver
Feb 6 2004, 03:25 PM
QUOTE (tibbar @ Feb 6 2004, 03:43 PM)
I don't think you will find any info on 0day worms / virii.
If you are interested in this (why?), then you will need to join a virii group on IRC, and help out there until you get on one of the teams.
It depends why you are interested in them... and if you are prepared to get involved in building / testing illegal code.
Personally, I have a strong dislike for worms, as they cause huge financial damage to businesses, and simply make M$ patch holes that could be used for other purposes...
Wise words
I totally agree on that, look at the MSBlaster worm, it destroyed a great security hole, the RPC!
So, please consider if you really want to explore the world of virii..
Regards, LS
net_runner
Feb 6 2004, 05:32 PM
Ohh, my question is not about that point.....
I want to know about the new worms that appear and what they do, to protect my systems....
For example, at this moment I have noticed strange activity on port 1214, many scans to my net, and I want to know if this is a 0 day worm or something else.
blazeking
Feb 6 2004, 06:58 PM
QUOTE (net_runner @ Feb 6 2004, 05:32 PM)
For example, at this moment I have noticed strange activity on port 1214, many scans to my net, and I want to know if this is a 0 day worm or something else.
Port 1214 is used for Kazaa, a file-sharing program. If you see that port being used then you might want to check your bandwidth usage as well!
Don't come there because we kick people that ask for help.... (on IRC)
net_runner
Feb 10 2004, 01:54 PM
blazeking: thank you, this is the perfect answer!
Don't come there because we kick people that ask for help.... (on IRC) <--- thanks for your advice, you should be a very nice person, and an excellent teacher!
arken
Feb 12 2004, 11:30 PM
Don't rely on Symantec's avcenter alone. Go to all the virus vendors' web sites and find their virus info page and use them all, as different vendors will find/confirm info at different times...
Personally, I use Dshield to monitor net activity, which is an awesome resource for keeping an eye on worms (and vuln scanning to some degree). http://www.dshield.org/
To have a more hands-on approach, you could search Google for info on capturing viruses/worms by means of honeypots or the like.. you can track down info like this: http://www.citi.umich.edu/u/provos/honeyd/msblast.html (I used the search term: honeypots capture virus worms but that probably wasn't the most successful query).
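
An added example, not part of any post in this thread: a per-port summary of dropped inbound connections, which helps tell a port probed by many distinct sources (like the port 1214 traffic discussed above) from one noisy host. The log lines are constructed in iptables LOG style, and the function names, label map and threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in iptables LOG style (documentation IP ranges, not real data).
SAMPLE_LOG = """\
Feb  6 17:01:02 fw kernel: DROP IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=4021 DPT=1214 SYN
Feb  6 17:01:05 fw kernel: DROP IN=eth0 OUT= SRC=198.51.100.8 DST=192.0.2.10 PROTO=TCP SPT=3310 DPT=1214 SYN
Feb  6 17:01:09 fw kernel: DROP IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.11 PROTO=TCP SPT=2877 DPT=1214 SYN
Feb  6 17:01:15 fw kernel: DROP IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP SPT=1999 DPT=1214 SYN
Feb  6 17:01:20 fw kernel: DROP IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.11 PROTO=TCP SPT=4022 DPT=1214 SYN
Feb  6 17:02:01 fw kernel: DROP IN=eth0 OUT= SRC=203.0.113.77 DST=192.0.2.10 PROTO=TCP SPT=1050 DPT=135 SYN
Feb  6 17:02:02 fw kernel: DROP IN=eth0 OUT= SRC=203.0.113.77 DST=192.0.2.11 PROTO=TCP SPT=1051 DPT=135 SYN
Feb  6 17:03:00 fw sshd[311]: session opened for user admin
"""

# Small label map (assumption): 1214 is the Kazaa port named in the thread, 135 is MS RPC.
KNOWN_PORTS = {1214: "Kazaa (file sharing)", 135: "MS RPC"}

LINE_RE = re.compile(
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) .*?PROTO=(?P<proto>\w+) .*?DPT=(?P<dpt>\d+)"
)

def summarize(log_text):
    """Return {(proto, dport): {"hits": n, "sources": set, "targets": set}}."""
    stats = defaultdict(lambda: {"hits": 0, "sources": set(), "targets": set()})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a firewall drop line
        entry = stats[(m["proto"], int(m["dpt"]))]
        entry["hits"] += 1
        entry["sources"].add(m["src"])
        entry["targets"].add(m["dst"])
    return stats

def flag_ports(stats, min_sources=3):
    """List ports hit by at least min_sources distinct sources, busiest first."""
    rows = [
        (port, proto, len(e["sources"]), len(e["targets"]), KNOWN_PORTS.get(port, "unknown"))
        for (proto, port), e in stats.items()
        if len(e["sources"]) >= min_sources
    ]
    return sorted(rows, key=lambda r: -r[2])

if __name__ == "__main__":
    for row in flag_ports(summarize(SAMPLE_LOG)):
        print("port %d/%s sources=%d targets=%d label=%s" % row)
```

A port that stays "unknown" while its distinct-source count climbs is the one worth checking against vendor write-ups and DShield's port reports.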