Hi all,
Within the last couple of days this worm has been rearing its ugly head.
Its seems to be infecting mainly Redhat 6.2 and 7.0 unpatched machines.
Specifically its using wuftp and nfsd. The link below is to a guy that
reversed engineered it.
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D75%26mid%3D156624
Hope this helps,
Neil Sobrado
SUNY New Paltz
Voice (914) 257-3137
FAX (914) 257-6900
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
