|
Full Disclosure
mailing list archives
Re: DCOM
From: "gregh" <chows () ozemail com au>
Date: Wed, 13 Aug 2003 07:53:17 +1000
----- Original Message -----
From: /m
To: full-disclosure () lists netsys com
Sent: Tuesday, August 12, 2003 6:24 AM
Subject: Re: [Full-disclosure] DCOM
one of my boxes got dcom'd up last night.
You might be interested in http://vil.nai.com/vil/stinger/ where you can download Stinger which, copied direct from the
web site, says:
-------------
Download Stinger.exe v1.8.0 [697,351 bytes] (8/11/2003)
or Download ePOStg179.Zip EPO deployable version (for EPO administrators) of Stinger v1.7.9. (version 1.8.0 with
detection for W32/Lovsan.worm will be released shortly).
This version of Stinger includes detection for all known variants, as of August 11, 2003:
BackDoor-AQJBat/Mumu.wormIPCScan
IRC/Flood.apIRC/Flood.biIRC/Flood.cd
NTServiceLoaderPWS-SincomW32/Bugbear () MM
W32/Deborm.worm.genW32/Elkern.cavW32/Fizzer.gen () MM
W32/FunLoveW32/KlezW32/Lirva
W32/LovgateW32/Lovsan.wormW32/Mimail () MM
W32/MoFei.wormW32/Mumu.b.wormW32/Nimda
W32/Sdbot.worm.genW32/SirCam () MMW32/Sobig
W32/SQLSlammer.wormW32/Yaha () MM
-------------
Might be of some use to all here. I like it better than Symantec removal tools as it knows multiple tools in one hit
and does whatever it can for them all in one pass rather than downloading a tool per new nasty.
BTW, I am not promoting them, just find running ONE removal tool for multiple things easier. Probably because I am
lazy! ;-}
Greg.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
- DCOM Paul Marsh (Aug 11)
- <Possible follow-ups>
- DCOM Paul Marsh (Aug 11)
|
Intro
