RE: First Dcom Worm on wild

[<fulldisclosure () catholic org>]

Some of our /24 classes are being currently scanned for
port 135, customers are calling tech support for "unwanted"
system reboot, RPC error messages from failled exploitation
i assume.

Seems like the worm is gaining some speed (msbast.exe)
Anyone with a packet capture ?



-----------------------------------------

This email was sent using FREE Catholic Online Webmail.
http://webmail.catholic.org/




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html