Investigating- I just returned from OOF and I don't have logs from an infected machine yet. -----Original Message----- From: Tina Bird [mailto:tbird@precision-guesswork.com] Sent: Saturday, January 25, 2003 8:09 PM To: eric.schultzeat_private; Eric Fitzgerald; Johannes Ullrich; loganalysisat_private Subject: log data? On Sat, 25 Jan 2003, Johannes Ullrich wrote: > oh well.. back to counting packets. BTW: Any idea what this worm looks > like in any MSFT application logs? So now that the feathers are settling -- anyone have Event Log data signatures of Sapphire/SQL Slammer, successful or otherwise? thanks -- tbird -- I, on the other hand, do not work. I enjoy the slothful life of an artist, and while away the hours in meaningless aesthetic pursuits punctuated by bouts of hedonistic debauchery and an occasional nap. -- David Rinehart http://www.shmoo.com/~tbird Log Analysis http://www.loganalysis.org VPN http://vpn.shmoo.com _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Tue Jan 28 2003 - 12:13:54 PST