[p0ss]

and from the comments on that blog:

> The code your referring to .. the unknown c++ looks like the older IBM compilers found in OS400 SYS38 and the oldest sys36.

> The C++ code was used to write the tcp/ip stack for the operating system and all of the communications. The protocols used were the following x.21(async) all modes, Sync SDLC, x.25 Vbiss5 10 15 and 25. CICS. RSR232. This was a very small and powerful communications framework. The IBM system 36 had only 300MB hard drive and one megabyte of memory,the operating system came on diskettes.

> This would be very useful in this virus. It can track and monitor all types of communications. It can connect to everything and anything.

[cag_ii]

But this comment doesn't ever mention specifically what makes his suggestion "look like" the given examples. I find it highly unlikely, given all the available networking/comm libraries available that old, proprietary IBM code would be used. Maybe there's something to it, but he certainly didn't mention anything convincing.

More unusual (to me) is that there are two separate comments suggesting it may be RPG (an OS400/iSeries language), which is very unlikely due to it not being an OOP language therefore not having constructor/destructor functionality, and otherwise a very high level language.

I'd guess some high level assembly, though this suggestion does look interesting.

http://www.securelist.com/en/blog/667/The_Mystery_of_the_Duq...

[moondowner]

> This would be very useful in this virus. It can track and monitor all types of communications. It can connect to everything and anything.

When I read these kind of sentences I always think of Plan9 first