Full Disclosure: RE: A worm...

[ATD <simon () snosoft com>]

Yep, 
        A few of our clients in both the public and private sectors were hit by
this too. What awes me is simple common sense would evade the entire
problem. Ah well... ;)


On Thu, 2003-06-26 at 11:33, Schmehl, Paul L wrote:
> I can't speak for the others, but McAfee was detecting this worm just
> fine as soon as it hit our network.  The only thing wrong was that it
> didn't have the name correct, but who really cares about that?  We set
> up our scanners to always scan archives and zip files, so something like
> this is no big deal.  We've quarantined over 900 copies in the past 20
> hours, so it's a big deal to somebody....
>
> Paul Schmehl (pauls () utdallas edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
>
> > -----Original Message-----
> > From: ATD [mailto:simon () snosoft com] 
> > Sent: Thursday, June 26, 2003 9:15 AM
> > To: *Hobbit*
> > Cc: full-disclosure () lists netsys com
> > Subject: RE: [Full-disclosure] A worm...
> >
> >
> > Yes, 
> >     And this was my point. Are the crafty "worm gods" 
> > creating worms that evade detection by using compression and 
> > other methods?  If they are doing this, and if they are 
> > creating the "stealth worms" whats next. Zip files would be 
> > just one of hundreds of ways to hide worms. Maybe the virus 
> > scanning technology needs to be kicked up a notch or two.

Attachment: signature.asc
Description: This is a digitally signed message part