RE: Possible First Crypto Virus Definitely Disc overed!

["Ng, Kenneth (US)" <kenng () kpmg com>]

Question is, are you supposed to have a SSL server on that box?  If so,
that's what it is.  If not, then you definitely have a problem.  Try
connecting to that box with the URL you normally use, just use "https"
instead of "http".  If you get the "normal" page, then someone turned on
https without realizing it.  If you get something different, then you
investigate.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com]On Behalf Of Billy B.
Bilano
Sent: Tuesday, June 08, 2004 12:46 PM
To: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Possible First Crypto Virus Definitely
Discovered!


Steve,

Sorry to say but it is not! I checked my incoming traffic again this morning
and the attack on port 443 is still coming in full steam ahead! I don't know
what's going on, but I am about to block that port on my firewall. Some
nitwit (probably the idiot that was here before I became IT Director)
somehow, for some reason, deliberately opened port 443 on the firewalls!

I am beginning to think that this is the first wave of the new coming global
crypto-storm!

--------
Mr. Billy B. Bilano, MSCE, CCNA
<http://www.bilano.biz/>
Expert Sysadmin Since 2003!
'C:\WINDOWS, C:\WINDOWS\GO, C:\PC\CRAWL'  -- RMS



----- Original Message ----- 
From: "-----, Steve" <----------------------->
To: "Billy B. Bilano" <mr.bill.bilano () email server unix bill bilano biz>
Sent: Tuesday, June 08, 2004 11:34 AM
Subject: RE: [Full-disclosure] Possible First Crypto Virus Definitely
Discovered!


> Please tell me this is just a really bad joke?
>
> -----Original Message-----
> From: Billy B. Bilano
> [mailto:mr.bill.bilano () email server unix bill bilano biz]
> Sent: Tuesday, June 08, 2004 10:53 AM
> To: full-disclosure () lists netsys com
> Subject: [Full-disclosure] Possible First Crypto Virus Definitely
> Discovered!
>
> Salutations, amigos!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized. 

If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.         
*****************************************************************************

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html