Re: netbuie.exe, and

From: Rainer Duffner (
Date: Wed May 08 2002 - 01:39:13 PDT

  • Next message: vogtat_private: "AW: Publishing Nimda Logs"

    Edwards, David  (JTS) writes: 
    > Hi, 
    >> -----Original Message-----
    >> From: Nick FitzGerald []
    >> If they don't, you clearly need to revise your site's judgments about 
    >> who is worthy of having admin (equivalent) passwords.
    > Hmmm, who rattled your chain..  Are you saying that the
    > only way this incident could have happened is if one of 
    > our administrators stuffed up?
    An educated guess would be someone with admin-rights surfing warez & 
    p0rn-sites and "infecting" himself through the automatic installation of
    said trojan via a IE-feature or vulnerability (or social engineering). 
    People in Germany are often plagued by this, but here, the programs change 
    the default ISP-number in Windoze to a number that is subject to varying 
    arbitrary charges and thus resulting in horrendous phone bills. 
    Rainer Duffner                   Munich          Germany        Freising
        When shall we three meet again
      In thunder, lightning, or in rain?
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see:

    This archive was generated by hypermail 2b30 : Wed May 08 2002 - 09:17:38 PDT