[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
[linux-security] Re: *ALERT*: ADM Worm. Worm for Linux x86 found inwild.
- From: "R. DuFresne" <dufresne sysinfo com>
- To: Jan-Philip Velders <jpv jvelders tn tudelft nl>
- Cc: linux-security redhat com, recipient list not shown: ;
- Subject: [linux-security] Re: *ALERT*: ADM Worm. Worm for Linux x86 found inwild.
- Date: Fri, 26 Mar 1999 03:06:31 -0600 (CST)
On Fri, 26 Mar 1999, Jan-Philip Velders wrote:
[-- shortened a bit -- REW]
>
> As for me, I'm rather busy at work. This worm is more of an intellectual
> curiosity for me than anything else, as it seems to be mostly benign. I'd
> appreciate it if nobody would bug me about this any further, please. You
> know where to get samples, and after reading this mail you know as much
> the worm as I do.
>
The more important issue at had here is how the 'worm' infected your
system and gained the privledge needed to do it's work. And, if it is
truely a 'worm', and not just a rootkit with a port scanner running under
it, it would have done more then just scan, it would have actually
exploited, or at least *attempted* to exploit the vulnerable systems it
discovered? That key issue of knowing "how" your system was 'infected' is
crucial in determining how to prevent a 'reinfection', yes? Not to
mention helpful in determining if this is in fact a 'worm' or a rootkit
with it's tools merely named w0rm...
Thanks,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior consultant: darkstar.sysinfo.com
http://darkstar.sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]