Slapper worm "ink" instead of "cinik" (Re: slapper worm varient "cinik")

[GiulioMaria Fontana <fontana () datawell it>]

Il Wednesday 25 September 2002 01:02, James P. Kinney III ha scritto:

> I was attacked by a variant of the slapper worm called "cinik". I got
> lucky and caught the intruder in the act and managed to get the source
> code before it was removed and I shut him out. 

I found in a server in my subnet some sources of that worm (.cinik.go) but I 
even found an .ink.go
Both are script shell but they differs in the use of the name "ink" instead of 
"cinik" and in the address mail to which the informations are sent.
What should I do with that mail address?

Giulio


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com