>
> Hi Joel,
> I didn't see anything in the advisory pertaining to Samba, was that something
> you just got from the samba list?
>
There is mention that the infected clients will attempt to spread the worm:
"from client to client via open network shares"
This includes samba.
I don't think there is any danger to linux boxes, but windows clients can
get infected from the linux server.
One guy (On the samba list?) says he visited a site and got hundreds of
copies of the worm on his linux box. I tried that but only got one copy. Of
course, I used opera, and I likely had javascript turned off, which is what
CERT recommends.
Not counting one day when I turned off logging (the first day), I have had
880 hosts attack me and have had 20,000 separate hits on my port 80
from this worm.
This is the worst yet, methinks.
Joel
_______________________________________________
http://linux.nf -- [EMAIL PROTECTED]
Archives, Subscribe, Unsubscribe, Digest, Etc
->http://linux.nf/mailman/listinfo/linux-users
