RE: Did an Apache worm hit me?

Subject: RE: Did an Apache worm hit me?
From: James Zuelow (jamesz@ideafamilies.org)
Date: Tue Oct 01 2002 - 10:10:45 AKDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Adam Elkins: "cUlinux"
• Previous message: Buddha: "Did an Apache worm hit me?"
• In reply to: Buddha: "Did an Apache worm hit me?"
• Reply: James Zuelow: "RE: Did an Apache worm hit me?"
• Reply: James Zuelow: "RE: Did an Apache worm hit me?"

> -----Original Message-----
> From: aklug-bounce@aklug.org [mailto:aklug-bounce@aklug.org]On Behalf Of
> Buddha
> Sent: Tuesday, October 01, 2002 10:11 AM
> To: aklug@aklug.org
> Subject: Did an Apache worm hit me?
>
>
>
> I have the most up-to-date version of Apache for RH 7.2 using apt-get
> which is *supposedly* all patched up.
>
> I thought this was some "normal" bogus klez.h worm stuff, until I saw my
> firewall's CPU listed. Not good.
>
> Any advice on what to do? (Besides getting all services off of my
> firewall...not an option until I setup the Sun Netra I just bought).
>
> -TIA,
> -Buddha

It is the latest version of slapper. Only been out a few days. Here's some
info:

http://www.incidents.org/diary/diary.php?id_6

You know the drill. Start from scratch on your firewall. Keep a DMZ for
public servers.

Cheers (condolances),

James

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: Adam Elkins: "cUlinux"
• Previous message: Buddha: "Did an Apache worm hit me?"
• In reply to: Buddha: "Did an Apache worm hit me?"
• Reply: James Zuelow: "RE: Did an Apache worm hit me?"
• Reply: James Zuelow: "RE: Did an Apache worm hit me?"

This archive was generated by hypermail 2a23 : Tue Oct 01 2002 - 10:11:15 AKDT