We were testing with web messaging yesterday afternoon (18 sept.) and
probably were affected then by the virus.
If I now have the mail-/webserver (IIS 4 with iMail) connected to the
internet my 3COM router/firewall (the mailserver is on a DMZ port) goes
crazy. It is almost continious in Alert mode and it cannot handle any
internet request anymore (from outside or inside).
Could this be that specific virus?
Leaves me with the question. What anti-virus software should you use for a
web-/mailserver?
Does the normal Norton Anti Virus package do the trick for example or do you
need some specific server software?
Greetings Arjan
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of The Innkeeper
> Sent: dinsdag 18 september 2001 3:30
> To: [EMAIL PROTECTED]
> Subject: Re: [IMail Forum] New widespread virus: W32/Nimda-A; arrives
> wit h readme.exe attachment
>
>
> It appears that web messaging is affected by this new virus also....I have
> massive referrals from outside the system trying to get in through Web
> Messaging and get to directories and the such and all my systems here are
> clean. Is there anything IPSwitch can detail about this???
>
> Steve
>
> ----- Original Message -----
> From: "Bryson, Laura" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, September 18, 2001 4:41 PM
> Subject: RE: [IMail Forum] New widespread virus: W32/Nimda-A;
> arrives wit h
> readme.exe attachment
>
>
> > >From Symantec's web site
> > (http:[EMAIL PROTECTED])
> >
> > "W32.Nimda.A@mm is a new mass-mailing worm that utilizes
> multiple methods
> to
> > spread itself. The worm sends itself out by email, searches for open
> network
> > shares, and attempts to copy itself to unpatched Microsoft IIS web
> servers.
> > The worm does this using the Unicode Web Traversal exploit. A patch and
> > information regarding this exploit can be found at
> > http://www.microsoft.com/technet/security/bulletin/ms00-078.asp.
> >
> > Users visiting compromised Web servers will be prompted to download an
> .eml
> > (Outlook Express) email file, which contains the worm as an attachment.
> >
> > Also, the worm will create an open network share on the
> infected computer,
> > allowing access to the system."
> >
> > /ljb
> > -----Original Message-----
> > From: R. Scott Perry [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, September 18, 2001 12:39 PM
> > To: [EMAIL PROTECTED]
> > Subject: [IMail Forum] New widespread virus: W32/Nimda-A; arrives with
> > readme.exe attachment
> >
> >
> > FYI, Sophos has just alerted us to a new virus that is apparently
> spreading
> > very quickly, called W32/Nimda-A. Not much information is available
> > yet. Apparently, it uses an attachment called "readme.exe".
> >
> > -Scott
> > ---
> > Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
> > IMail. http://www.declude.com
> >
> >
> > Please visit http://www.ipswitch.com/support/mailing-lists.html
> > to be removed from this list.
> >
> > An Archive of this list is available at:
> > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
> >
>
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
