"Kenneth E. Lussier" wrote:
>
> I've been reading a couple of different things about Carko, and I'm
> still trying to figure out what it is. According to the Korean gov, it's
> a worm that attacks BIND. According to incedents.org
> (http://www.incidents.org/news/carko.php) it's a DDoS utility that
> exploits a bux in snmpXdmid. CERT is reporting that it is a variant of
> Stacheldraht. If you do a search on SecurityFocus for Carko, you'll get
> a bunch of articles, all with major differences. Every site seems to
> have a different accounting of what it is, how it works, and what the
> exposure rate is. Either this is the most heavily mutated software in
> history, or someone is having fun with the press.
>
> C-Ya,
> Kenny
If China and the US are in an e-war, then I would think there is no
limit to the type of worm(s) used. Subsequently, the reason that there
are so many reports with differing explanations. Next Tuesday is May 1,
the day this is all supposed to begin. I doubt I will get much sleep
after that, my alarms will be going off all night.
When will this all end? It uses too much of my time and resources.
>
> > Andrew Bacchi wrote:
> >
> > I did not see this warning posted here, so I'm sending it along. It
> > attacks DNS vulnerbilities.
> >
> > http://www.linuxsecurity.net/articles/network_security_article-2933.html
> >
> > --
> > Andrew G. Bacchi
> > System Manager
> > Hanover Capital Management (dba AIRS)
> > 35 So. Main St.
> > Hanover, NH 03755
> > 603 643-8789 office
> > 603 359-2868 cell
>
> **********************************************************
> To unsubscribe from this list, send mail to
> [EMAIL PROTECTED] with the following text in the
> *body* (*not* the subject line) of the letter:
> unsubscribe gnhlug
> **********************************************************
--
When all else fails, read the documentation.
Andrew G. Bacchi
Sr. System Administrator
AIRS
Hanover, NH
Tel. 603 643-8789
Pager 603 442-1452
