[PLUG] anti virus

Scott Minster sminster@purdue.edu
Thu, 20 Sep 2001 09:36:02 -0500 

>From looking at my own Apache logs, it looks like this new worm attempts to
exploit holes opened by code red, so even if someone who was infected fixed
it (patch and all) but missed one of the holes opened by it (there were
quite a few), nimda can still get in.  (not that this excuses anything, just
that it's easy to overlook something)

----
Scott Minster
sminster@purdue.edu
http://mland.dhs.org/
icq://18777468/

-----Original Message-----
From: plug-admin@csociety.purdue.edu
[mailto:plug-admin@csociety.purdue.edu]On Behalf Of Shwim
Sent: Thursday, September 20, 2001 7:52 AM
To: Plug
Subject: Re: [PLUG] anti virus


My guess is that the email traffic and multiple hits is what they were
talking about.
They said affected, not infected.  Basically any system is vulnerable to the
effects
due to the overloading of networks, but as far as the system being
compromised
or spreading the worm, I do not think anything but NT/2000 boxes are
compromised.

You would have thought that after Code Red the sysadmins would have kept
up-to-date
with the patches to their systems, but I guess there are still lame
sysadmins out there.
When will incompetent sysadmins start getting the boot?

Manny

----- Original Message -----
From: "Deepak Dinesh" <deepak@purdue.edu>
To: "Plug" <plug@csociety.purdue.edu>
Sent: Thursday, September 20, 2001 7:36 AM
Subject: Re: [PLUG] anti virus


> On Thu, 20 Sep 2001, Christopher N. Deckard wrote:
>
> >The Nimda/CodeRed/etc virus/worm that is going around ONLY affects
> >Microsoft Windows operating systems running an unpatched version of
> >Internet Information Server.
> >
> >LINUX IS NOT AFFECTED
>
> The warning email from ECN said that UNIX was affected. I don't know why
they
> said this. Apparently, any system with an email client is affected !!
>
>
> DD


____________________________________________________
The Purdue Linux Users' Group (PLUG) mailing list.
For account maintenance, go to:
plug mailing list  -  plug@csociety.purdue.edu
http://csociety.ecn.purdue.edu/mailman/listinfo/plug