On Mon, Sep 30, 2002 at 01:05:08PM +0800, Ronald Chan wrote: > Hi! is there anyone here already heard the slapper worm?
Yes, as a matter of fact I posted a heads up on 14 Sept 2002 both here and on the newbie list. > if yes how can we cure it without having to upgrade your openssl and > MOD_ssl :) In my original email[1] I included suggested "magic configuration lines" from the ISC advisory, which basically disable SSLv2 which the worm exploits. I am not sure these work, and as usual upgrading your installations of OpenSSL and mod_ssl is the right way to go, but they're there for you to check out. [1] http:[EMAIL PROTECTED] --> Jijo PS- I'm supposed to be calm on the newbie list but this isn't the newbie list so after being fairly civil in this reply ... If you can't use Google, PLEASE USE THE BLASTED MAIL ARCHIVES[2]!!! That above email appears in the results of a simple query for "slapper mod_ssl", and heavens it doesn't take a genius to figure those two keywords out, does it? [2] http://marc.free.net.ph -- Federico Sevilla III : http://jijo.free.net.ph Network Administrator : The Leather Collection, Inc. GnuPG Key ID : 0x93B746BE _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
