see http://www.sans.org
Late last night, the SANS Institute (through its Global Incident
Analysis Center) uncovered a dangerous new worm that appears to be
spreading rapidly across the Internet.
The Lion worm spreads via an application called "randb". Randb scans
random class B networks probing TCP port 53. Once it hits a system, it
checks to see if it is vulnerable. If so, Lion exploits the system using
an exploit called "name". It then installs the t0rn rootkit.
...
We have developed a utility called Lionfind...
Download Lionfind at http://www.sans.org/y2k/lionfind-0.1.tar.gz
...
etc
jk
ps: din comunicat se pare ca clasele C nu ar fi afectate :-). inca :-)).
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
