-----BEGIN PGP SIGNED MESSAGE----- On Wed, 21 Aug 2002, Kurt Seifried wrote: > Make sure your servers are patched before they go online and if you're like > me find someone nice to have dinner with and forget about it. There are much > better things to do in life then worrying about the latest (or not so > latest) windows worm. I agree. It looks like someone has just whipped up a script to scan for the vulnerability, possibly loosely based on the Nimda code. Not much to be concerned with if you're patched. Not much you can really do about it anyway. Lately, I've been just dropping all traffic from Korea and surrounding areas. No offense to anyone, but it seems that anything registered with APNIC should be under close scrutiny. Korean networks in particular appear to be the armpit of the net. I have no need to allow communication with them, so I just save myself the trouble and filter it out. - -- Jonathan Rickman X Corps Security http://www.xcorps.net -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQEVAwUBPWWVDDTwrX0N9QH/AQFFxQgA1W3HTWh8KBJV+3a1NE5PSSchbXCTrgos DEngFxZYtsZyTvB9ssvMdMXG6jhGRZhYWjC5rbEOKzkDT2oTI8bN9HY/L6PRLaAx UmY/Sd/hrA2fxZ8tta6IBWtXSbNntvP5uS5bZ/wYCB5TFE8RgW+04glQgTrQd/QW ReGasW8xzvk3NaMzVISoos90aZrjjTP7CTt9y8PmH0gFzsRajt1Okzr7AyIYWM3o GlIvWTUBrS4p3gUcW7pnDI39NPMmyE8pBe+yMYg9POnd7wyXsug/eswYEXQe8kDR 9x1Vuu6knqnnnyElBF8UNq96ZEFb79g74vNUIVylYKy0DZJ8ZReo/Q== =e72P -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Aug 23 2002 - 10:16:43 PDT