Hi Sharon,
Thank you... my how some people just don't believe...
Thanks, andyb
[EMAIL PROTECTED]
Wednesday, September 26, 2001, 12:17:56 PM, you wrote:
ST> At 10:17 AM 9/26/01 -0400, andyb@thumpernet wrote:
>>My web server *was* patched and it got the virus *anyway*. Same thing
>>for another web server admin near here.
ST> To back this up, we had 18 NT boxes online last week
ST> when it hit (19 now) and three of them were hit.
ST> Our patches were up to date running through August 15 or
ST> 17th. (Forget the exact date)
ST> Interestingly enough, we applied some later fixes available
ST> through a number of sources on Wednesday and Thursday. We
ST> had another server hit Sunday in spite of this.
ST> What I find curious is that even though our .html files
ST> were modified and I KNOW we were infected, the clean nimda
ST> utility from Symantec said we didn't have it. Go figure.
ST> I've had some sys admins I know insist left and right there
ST> was no way we could have been infected if we were patched,
ST> but we were. A few people I know suggested we had the code
ST> red worm when that hit and that left open a back door.
ST> But one of the servers that was hit only went online the
ST> last week of August and had the latest service pack and
ST> all patches. The system was also clean when I did a check
ST> for code red.
ST> Sharon Tucci
ST> Please visit http://www.ipswitch.com/support/mailing-lists.html
ST> to be removed from this list.
ST> An Archive of this list is available at:
ST> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
