nanog mailing list archives

Re: maybe this should be on sec focus but.

From: Damian Gerow <damian () sentex net>
Date: Fri, 1 Aug 2003 14:27:26 -0400


Thus spake Drew Weaver (drew.weaver () thenap com) [01/08/03 14:25]:

            I have had like 4 users call and tell me that they're receiving
email from admin@ourdomainname with a unidentified attachment, possibly a
worm that exploits the new Microsoft vulnerability last week, all 4 of these
people reported that their updated this morning antivirus software missed
it.


The latest NAI definitions catch it as Exploit-Codebase (which I *think* is
just a general catchall).  We have an open ticket with F-Prot for this, and
are currently waiting on updated definitions from them.

  - Damian

Current thread:

maybe this should be on sec focus but. Drew Weaver (Aug 01)
- Re: maybe this should be on sec focus but. Damian Gerow (Aug 01)
- Re: maybe this should be on sec focus but. Scott Granados (Aug 01)
  - RE: maybe this should be on sec focus but. Bob German (Aug 01)
- Re: maybe this should be on sec focus but. Forrest Houston (Aug 01)
  - Re: maybe this should be on sec focus but. Patrick_McAllister (Aug 01)
- Re: maybe this should be on sec focus but. Mike Tancsa (Aug 01)
- Re: maybe this should be on sec focus but. Joe Boyce (Aug 01)
- <Possible follow-ups>
- RE: maybe this should be on sec focus but. Drew Weaver (Aug 01)
- Re: maybe this should be on sec focus but. Gregory Hicks (Aug 01)