Blaine Kubesh reported that having an open handle to a mutex named "fsdhqherwqi2001" kills Nimda. After posting the app I quickly coded up to do this, others tested it and said it keeps a box from becomming infected both initially and recurrently. Some mail servers kicked back the zipped up .exe file, so I have posted it on the Hammer of God site, and can be downloaded here: http://www.hammerofgod.com/download/mutex.zip The zip includes the exe and the cpp source for those interested. It simply opens the handle, and waits for you to hit the letter 'q' to kill the session. That's all, and it reportedly works. Blaine gets all the credit; I just coded the thing up real quick. Go nuts. Later. --------------------------------- Attonbitus Deus rm -rf /bin/laden ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Sep 19 2001 - 17:15:29 PDT