Security Incidents: Re: Slapper worm "ink" instead of "cinik" (Re: slapper worm varient "cinik")

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Slapper worm "ink" instead of "cinik" (Re: slapper worm varient "cinik")

From: Jose Nazario <jose () monkey org>
Date: Thu, 17 Oct 2002 16:33:40 -0400 (EDT)

On Thu, 17 Oct 2002, GiulioMaria Fontana wrote:

I found in a server in my subnet some sources of that worm (.cinik.go)
but I even found an .ink.go
Both are script shell but they differs in the use of the name "ink"
instead of "cinik" and in the address mail to which the informations are
sent. What should I do with that mail address?


contact the domain contacts for that domain, ie security@ and abuse@, with
the information that the email inbox is being used for malicious purposes
(specifically compromise notification).

___________________________
jose nazario, ph.d.                     jose () monkey org
                                        http://www.monkey.org/~jose/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

By Date By Thread

Current thread:

Slapper worm "ink" instead of "cinik" (Re: slapper worm varient "cinik") GiulioMaria Fontana (Oct 18)
- Re: Slapper worm "ink" instead of "cinik" (Re: slapper worm varient "cinik") Jose Nazario (Oct 17)