Mutex

[Thor () HammerofGod com]

Blaine Kubesh reported that having an open handle to a mutex named
"fsdhqherwqi2001" kills Nimda.
After posting the app I quickly coded up to do this, others tested it and
said it keeps a box from becomming infected both initially and recurrently.

Some mail servers kicked back the zipped up .exe file, so I have posted it
on the Hammer of God site, and can be downloaded here:
http://www.hammerofgod.com/download/mutex.zip


The zip includes the exe and the cpp source for those interested.  It simply
opens the handle, and waits for you to hit the letter 'q' to kill the
session.  That's all, and it reportedly works.

Blaine gets all the credit; I just coded the thing up real quick. Go nuts.

Later.
---------------------------------
Attonbitus Deus
rm -rf /bin/laden






----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com