Hi y'all. Yes, I've moved from PSU but will continue as an adjunct instructor and also will continue to own the crime mail list. The new mydoom variant is making the rounds. Lots of people have figured out signatures for NIDS and also for detection on the infected machine (presently limited to win2k and xp). Does anyone know what the propagation mechanism is once the machine is infected? We are trying to determine the propagation mechanism to ensure that we are not hit by this and caught unawares. None of the usual suspects has posted any information on this aspect yet. Any of you Semantec people have an idea? --mark ---- Mark Morrissey morrisse@private Manager, Security Engineering OHSU ITG/TeMD Desk: 503-494-8480 Fax: 503-494-4626 Cell: 971-244-2726
This archive was generated by hypermail 2.1.3 : Thu Aug 05 2004 - 08:56:15 PDT