Folks (apologies for the cross-post; this is relevant to both lists) All this talk of "have I been hacked?"; "is this a problem?"; "is my data secure?"... you're running Cobalt products, right? You're seeing these log entries for blah/blah/blah/cmd.exe in your Apache logfiles? It's a new IIS worm - 'Nimda' - which, like our old lovable friend CodeRed ONLY affects Windows servers running Internet Information Services. Not Cobalt systems - unless you have a copy of the mythical Linux port of IIS ;-) So - don't panic. Please move along, nothing to see here. Just watch those error logs and chuckle at the number of IIS users out there who really *are* having problems. Me (from a job point of view) included :( More info at: http:[EMAIL PROTECTED] http://www.mcafeeb2b.com/avert/virus-alerts/default.asp and your local high-quality anti-virus vendor, just 5 minutes from this email. Graeme [Sorry, it's late and I'm tired of wormed Windows machines] -- Graeme Fowler System Administrator Host Europe Group PLC _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
