3APA3A wrote: > Do you remember Nimda worm? It was probably first worm > to exploit > Outlook Express vulnerability to launch itself automatically. > On Windows > NT 4.0 F-Secure engine (well, it was few years ago, I > don't remember > version) had a problem - it catch this worm _after_ it was > executed. And > worm successfully spreads from protected machine approx. > in ~50% of > cases...
Yes, remember Nimda quite well, we made a lot of money over a couple of weeks cleaning up operations using Norton Enterprise. However, we had around 80 boxes in the DMZ with full Internet public ip's protected with F-Secure and none got it. Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- White House cybersecurity adviser Richard Clarke _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
