On Fri, 16 Jan 2004, Wes Noonan wrote: > This is not quite correct. Nachia and Blaster, as well as Code Red and its > variants are all detectable and preventable with virus protection.
All of those are Windows viruses, no? > While > they may not stop the worm on the network, they can and do stop systems from > becoming infected and propagating the worm. So does mounting /tmp noexec, and it doesn't involve shelling out money to AV vendors. Mounting /tmp noexec also protects against future threats, not just ones that happen to be in the AV database. (I know that someone recently released code to do a "user-space" exec, so mounting /tmp noexec is not 100% foolproof, but it's pretty good protection.) -- David. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
