Security Incidents mailing list archives
Mutex
From: Thor () HammerofGod com
Date: Wed, 19 Sep 2001 16:34:00 -0700
Blaine Kubesh reported that having an open handle to a mutex named "fsdhqherwqi2001" kills Nimda. After posting the app I quickly coded up to do this, others tested it and said it keeps a box from becomming infected both initially and recurrently. Some mail servers kicked back the zipped up .exe file, so I have posted it on the Hammer of God site, and can be downloaded here: http://www.hammerofgod.com/download/mutex.zip The zip includes the exe and the cpp source for those interested. It simply opens the handle, and waits for you to hit the letter 'q' to kill the session. That's all, and it reportedly works. Blaine gets all the credit; I just coded the thing up real quick. Go nuts. Later. --------------------------------- Attonbitus Deus rm -rf /bin/laden ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Mutex Thor (Sep 19)