On September 21, 2001 10:01 am, Bill Day wrote:
> Of course it is a "problem" but I closed IE before it could dl the file.
> I did let konquerer download the file, figured since it was linux it would
> be pretty much immune to it.. how ever the Java must be the culprit,
> allowing it to write to any writeable shares and aross open network
> connections(SAMBA for instance).
>
> I, cleaned before using LookOut so as to not infect the users on my address
> book.. This worm seems to ahve been well planned in that it propigates
> itself in almost every way imagineable..
>
Nimda uses java scripting. I have turned js off on my daughter's windows box.
Filtering against *.exe files is also recommended.
There is detailed info here, including a rundown on all the changes it makes
to a system:
http://www.cert.org/advisories/CA-2001-26.html
--
burns
_______________________________________________
http://linux.nf -- [EMAIL PROTECTED]
Archives, Subscribe, Unsubscribe, Digest, Etc
->http://linux.nf/mailman/listinfo/linux-users
