[rescue] New worm?

Kurt Huhn rescue at sunhelp.org
Wed Sep 19 20:43:17 CDT 2001

Previous message: [rescue] New worm?
Next message: [rescue] Q: Regarding Cat5 cable/NetGear hubs & Sun HW
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Its called Nimda or something.  Think "code red on steroids".

Check CERT and SANS for more info.  

Kurt


> I've just noticed a ton of activity in my apache log files.  Anyone else
> getting hit?  Looks like another IIS or win32 exploit:
> 
> 208.191.208.88 - - [18/Sep/2001:20:52:04 -0500] "GET
> /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 278

Previous message: [rescue] New worm?
Next message: [rescue] Q: Regarding Cat5 cable/NetGear hubs & Sun HW
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the rescue mailing list