Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Elkern Worm

From: Lorraine Cannavale <LCannavale () americanhm com>
Date: Tue, 27 May 2003 14:06:49 -0400
I just sent an e-mail to the snort-sigs list seeking a rule or ruleset to
detect the Elkern worm (if anyone in this group has the rule, your response
is welcome).

But, I would really like some tips and advice on controlling the Elkern worm
on our network.  We have antivirus software installed on each workstation,
and it should be configured to obtain the latest virus definitions daily.
However, we do not have an accurate way (today) of determining if
workstations do in fact have the latest AV signatures, nor do we have a way
of determining what workstations may be infected with viruses.  Our shared
folders on servers keep getting re-infected with the Elkern virus.

Any help and suggestions would be appreciated.
Thank you in advance,
Lorraine


.



-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: