I might also add, infected machines attempt a download of a readme.eml which extracts to an .exe and starts in windows media player.. Tuesday 18 September 2001 09:43 am, you put enough 0's and 1's together to make the following: > Hello, > I and a few others I know are getting bombard on our machines with IIS > requests....looks like another worm, and its much smarter than before, it > seems to stay within the same class A and sometimes the same class B as the > attacking machine is in. here is an excerpt of what i believe is the full > scan.... <snip> > > just thought I would let you guys know...this one looks bad fella.....thank > god for apache.....that is of course, if there isnt a huge bog down on the > net....=[ > > cory > > ----------------------------------------------------------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Sep 18 2001 - 09:27:57 PDT