Security Incidents mailing list archives
Re: Nimda infecting executables
From: "Gokulnath" <Gokulnath.c () net4india com>
Date: Wed, 19 Sep 2001 21:40:06 +0530
there is a lot of attacks on the servers running Microsoft Windows.The major files which you need to look on your system are like root.exe,root.eml,cmd.exe, *.rwc,TFTP.exe etc... We have been trying hard to clean with NA apparently the virus grows again. I am not sure of any new scanners or cleaners. Regards Gokulnath ----- Original Message ----- From: "Johannes Verelst" <johannes () verelst net> To: <incidents () securityfocus com> Sent: Wednesday, September 19, 2001 6:58 PM Subject: Nimda infecting executables
Hi, Our company was heavily infected, so our sysadmins are now cleaning the machines one by one using an updated version of NAI's Netshield. This program finds a lot of infected .exe files, so it looks like the worm also infects executables. Since I didn't see that on the list yet I reported it. Can anybody confirm this behaviour? Johannes -- Unix is simple. It just takes a genius to understand its simplicity --------------------------------------------------------------------------
--
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Nimda infecting executables Johannes Verelst (Sep 19)
- Re: Nimda infecting executables Gokulnath (Sep 19)