[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] RE: [cobalt-users] C drive hack

Subject: [cobalt-security] RE: [cobalt-users] C drive hack
From: Graeme Fowler <graeme.fowler@xxxxxxxxxxxxxx>
Date: Tue, 18 Sep 2001 20:39:24 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Folks

(apologies for the cross-post; this is relevant to both lists)

All this talk of "have I been hacked?"; "is this a problem?"; "is my data
secure?"... you're running Cobalt products, right?

You're seeing these log entries for blah/blah/blah/cmd.exe in your Apache
logfiles?

It's a new IIS worm - 'Nimda' - which, like our old lovable friend CodeRed
ONLY affects Windows servers running Internet Information Services. Not
Cobalt systems - unless you have a copy of the mythical Linux port of IIS
;-)

So - don't panic. Please move along, nothing to see here. Just watch those
error logs and chuckle at the number of IIS users out there who really *are*
having problems. Me (from a job point of view) included :(

More info at:

http://www.sarc.com/avcenter/venc/data/w32.nimda.a@xxxxxxx
http://www.mcafeeb2b.com/avert/virus-alerts/default.asp

and your local high-quality anti-virus vendor, just 5 minutes from this
email.

Graeme

[Sorry, it's late and I'm tired of wormed Windows machines]
-- 
Graeme Fowler
System Administrator
Host Europe Group PLC

Prev by Date: RE: [cobalt-security] OpenSSH on Raq2 help
Next by Date: [cobalt-security] Attempted inside job. A report.
Previous by thread: [cobalt-security] Re: cobalt-security digest, Vol 1 #512 - 1 msg
Next by thread: [cobalt-security] Attempted inside job. A report.

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index