Right. We have it on a 98 machine here. Our Win2K server was protected but it appears our NT server is afflicted. I thought I had the NT machine all up to date, but..... Tom Brenner Director of Operations Midwest Internet Connections & Services, Inc. Phone: (937) 297-6212 Fax: (937) 297-6214 Toll Free Outside Dayton Area: 1-877-get-4fam Visit our home page at: http://www.4fam.net -----Original Message----- From: Dave Salovesh [mailto:saloveshat_private] Sent: Tuesday, September 18, 2001 1:21 PM To: 'Brett Glass'; Jay D. Dyson; Incidents List Cc: Vuln Dev Subject: RE: New "concept" virus/worm? It infects 98 (I've got it on the one 98 workstation we run) and may have been involved in infecting two of NT4 servers. I also have two UNinfected NT4 servers that are patched to about the same level as the infected ones - not quite completely patched, but I think I've selected all the appropriate ones for the role each server plays. My W2K server is patched up to the minute and didn't get infected. So far... -- Dave Salovesh RAM Associates, Inc. (800) 543-3635 > -----Original Message----- > From: Brett Glass [mailto:brettat_private] > Sent: Tuesday, September 18, 2001 12:58 PM > To: Jay D. Dyson; Incidents List > Cc: Vuln Dev > Subject: Re: New "concept" virus/worm? > > > At 10:21 AM 9/18/2001, Jay D. Dyson wrote: > > > It's a two-prong worm. It appears to be primarily > disseminated > >via e-mail, and then launches its attacks on web hosts upon > successful > >infection. > > Newsbytes is calling this worm "Code Rainbow," while some of > the antivirus > firms seem to be calling it "W32.Nimda.A@mm". > > Can the e-mail infect anything other than Windows NT/2000? > Will it infect > a system that's running Windows NT/2000 but not IIS? If a > Windows 95/98/ME > user opens it, will his or her system begin to spread the > worm as well? > > --Brett Glass > > > -------------------------------------------------------------- > -------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001
This archive was generated by hypermail 2b30 : Tue Sep 18 2001 - 13:09:47 PDT