Educause Security Discussion mailing list archives
Re: Slammed by the SASSER?
From: Monte Schmeiser <MSchmeiser () MARYMOUNTPV EDU>
Date: Thu, 7 Oct 2004 23:35:14 -0700
Will do. Thank you, Monte -----Original Message----- From: Eric Pancer Sent: Thu 10/7/2004 10:34 PM To: SECURITY () LISTSERV EDUCAUSE EDU Cc: Subject: Re: [SECURITY] Slammed by the SASSER? Monte Schmeiser wrote on Thu, 2004-10-07 at 22:14:24 -0700... > Does anyone have any initial thoughts on what might be going on and how > we should attack this problem. At this point we are just going to > continue cleaning and patching workstations but are stumped with the > Exchange problem. Can you take a sample of machines and put them into a network with a transparent bridge just upstream? Then you can watch all network traffic and get a sense of whats going on from that small sample. Post your flows and we can assist more. -- Eric Pancer :.: Computer Security Response Team :.: DePaul University http://security.depaul.edu/ .:`:.:':.:`:. epancer () security depaul edu pgp: 1024D/7ACBCFF3 C022 4991 41E5 51E7 683C F765 62F7 7F8E 7ACB CFF3 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Slammed by the SASSER? Monte Schmeiser (Oct 07)
- <Possible follow-ups>
- Re: Slammed by the SASSER? Eric Pancer (Oct 07)
- Re: Slammed by the SASSER? Monte Schmeiser (Oct 07)
- Re: Slammed by the SASSER? James Riden (Oct 08)