Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Infected? Help Me Find Out!

From: "Jason Withrow" <jwithrow () mediaone net>
Date: Wed, 19 Sep 2001 02:12:48 -0400
It appears I was not fully infected.
 
Perhaps due to the fact that I unmapped ida's and idq's and no folders
had execute permissions?
 
All I had was a crap load of weird file in my scripts folder and I also
had the admin.dll on c and d.
 
None of the other files or regKeys were found, and a look at the logs
shows no 200 status returns.
 
Weird.
 
- J
 
-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Greg
Wright
Sent: Tuesday, September 18, 2001 11:36 PM
To: snort-users () lists sourceforge net
Subject: RE: [Snort-users] Infected? Help Me Find Out!
 
Possibly true, but not much help. 
-----Original Message----- 
From: Brian [mailto:bmc () snort org] 
Sent: Wednesday, 19 September 2001 12:50 PM 
To: Jason Withrow 
Cc: snort-users () lists sourceforge net 
Subject: Re: [Snort-users] Infected? Help Me Find Out! 
According to Jason Withrow: 

Anyone know the complete removal process? I think I got it all, but

who 

knows. 

Unplug network cable.  
Format.  
Install.  
Patch. 
Secure. 
Plug in network cable. 
-brian 
_______________________________________________ 
Snort-users mailing list 
Snort-users () lists sourceforge net 
Go to this URL to change user options or unsubscribe: 
https://lists.sourceforge.net/lists/listinfo/snort-users 
Snort-users list archive: 
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: