[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] RE: [cobalt-users] C drive hack
- Subject: [cobalt-security] RE: [cobalt-users] C drive hack
- From: Graeme Fowler <graeme.fowler@xxxxxxxxxxxxxx>
- Date: Tue, 18 Sep 2001 20:39:24 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Folks
(apologies for the cross-post; this is relevant to both lists)
All this talk of "have I been hacked?"; "is this a problem?"; "is my data
secure?"... you're running Cobalt products, right?
You're seeing these log entries for blah/blah/blah/cmd.exe in your Apache
logfiles?
It's a new IIS worm - 'Nimda' - which, like our old lovable friend CodeRed
ONLY affects Windows servers running Internet Information Services. Not
Cobalt systems - unless you have a copy of the mythical Linux port of IIS
;-)
So - don't panic. Please move along, nothing to see here. Just watch those
error logs and chuckle at the number of IIS users out there who really *are*
having problems. Me (from a job point of view) included :(
More info at:
http://www.sarc.com/avcenter/venc/data/w32.nimda.a@xxxxxxx
http://www.mcafeeb2b.com/avert/virus-alerts/default.asp
and your local high-quality anti-virus vendor, just 5 minutes from this
email.
Graeme
[Sorry, it's late and I'm tired of wormed Windows machines]
--
Graeme Fowler
System Administrator
Host Europe Group PLC