Anyone see this come up just a while ago on the Oracle home page? (www.oracle.com) and www.cnn.com had the same problem. It appeared to redirect me to the superkay.com:888 page. But nothing else. I checked the source of this culprit page and there was nothing special about it. I've included a screen shot of this redirected web page. rdb -----Original Message----- From: Bernie Cosell [mailto:bernieat_private] Sent: Tuesday, September 18, 2001 1:13 PM To: incidentsat_private Subject: Re: New "concept" virus/worm? On 18 Sep 2001, at 14:01, Jim Olsen wrote: > This is a cumulation of the information i've found on W32.nimda thus far: > > W32.nimda is NOT a code red variant, and the people who referring to it as > "Code Blue" were mistaken... [...] > EVERYONE who uses internet explorer to browse the internet should probably do > one of two things to stop from being automatically infected by W32.nimda (i > have not tested whether or not turning off javascript fixes the problem): > o) don't browse web pages until microsoft releases a patch > o) turn OFF javascript I was under the impression that the vulnerability that nimda exploits was known and has been patched (in May) <http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q290108> <http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security /bulletin/ms01-020.asp> >EVERYONE who uses outlook/outlook express should, at the very least, not open > any attachments that they are not expecting. THIS recommendation has nothing to do with nimda -- anyone who hasn't gotten *THIS* message yet is hopeless... Taking the opportunity to restate it here is OK, I guess, since a lot of folk jsut WONT get the message. > . Turning off auto-preview might > be a good idea as well. Why? /bernie\ -- Bernie Cosell Fantasy Farm Fibers mailto:bernieat_private Pearisburg, VA --> Too many people, too few sheep <-- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Sep 18 2001 - 19:05:48 PDT