Educause Security Discussion mailing list archives
Infected Bot machines
From: "Crawford, Charles D" <ccrawf () KU EDU>
Date: Mon, 30 Aug 2004 09:57:12 -0500
Good Monday Morning, Are any other schools having problems with the many variants of the Rbot, Sdbot infections? We are seeing an increase over the weekend of these infected hosts targeting selected systems in what appears to be a DDOS attack.. I know imagine that...IRC doing malicious activity :) Anyway I am curious as to what other Universities are doing in regards to recommended procedures for cleaning these systems up, as I have found that AV utilities only work about half the time, if that. I have been suggesting to do full system reimages, changing passwords, etc but am having a hard time convincing management that is the best route. Thank you, Charles Crawford IT Security Officer University of Kansas (785)864-0491 ccrawf () ku edu www.security.ku.edu
Any revelation of a secret happens by the mistake of [someone] who shared it in confidence. -- La Bruyere, 1645-1694
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Infected Bot machines Crawford, Charles D (Aug 30)
- <Possible follow-ups>
- Re: Infected Bot machines Lutzen, Karl F. (Aug 30)