nanog mailing list archives
Re: Just an FYI - Apache Worm on the loose
From: "Stephen J. Wilcox" <steve () opaltelecom co uk>
Date: Wed, 10 Jul 2002 23:30:22 +0100 (BST)
If you want to be proactive, filter this port across your backbone and you will very quickly see what hosts have been compromised.. on the other hand individual customers seem to use all their bandwidth so they tend to phone in pretty quick! Steve On Wed, 10 Jul 2002, Scott Francis wrote:
On Tue, Jul 09, 2002 at 02:26:23PM -0700, jlegate () alienchick com said:There is an Apache worm out there, and it uses port 2001/udp to operate. You may wanna scan your own boxes for this open port.Announced last week on BUGTRAQ and elsewhere. http://online.securityfocus.com/archive/1/279529 (and was it _really_ necessary to post a hex dump of the entire thing? The actual source is available linked from the BUGTRAQ post above ...)
Current thread:
- Just an FYI - Apache Worm on the loose Jason Legate (Jul 09)
- Message not available
- Re: Just an FYI - Apache Worm on the loose Jason Legate (Jul 09)
- Message not available
- Re: Just an FYI - Apache Worm on the loose Scott Francis (Jul 10)
- Re: Just an FYI - Apache Worm on the loose John Palmer (Jul 10)
- Re: Just an FYI - Apache Worm on the loose Allan Liska (Jul 10)
- Re: Just an FYI - Apache Worm on the loose Stephen J. Wilcox (Jul 10)
- RE: Just an FYI - Apache Worm on the loose Phil Rosenthal (Jul 10)
- Message not available
- RE: Just an FYI - Apache Worm on the loose Robert Boyle (Jul 10)
- Re: Just an FYI - Apache Worm on the loose John Palmer (Jul 10)
- <Possible follow-ups>
- Re: Just an FYI - Apache Worm on the loose Rizzo Frank (Jul 09)
- Re: Just an FYI - Apache Worm on the loose Jason Legate (Jul 09)
- Re: Just an FYI - Apache Worm on the loose Rizzo Frank (Jul 09)