Snort mailing list archives
Elkern Worm
From: Lorraine Cannavale <LCannavale () americanhm com>
Date: Tue, 27 May 2003 14:06:49 -0400
I just sent an e-mail to the snort-sigs list seeking a rule or ruleset to detect the Elkern worm (if anyone in this group has the rule, your response is welcome). But, I would really like some tips and advice on controlling the Elkern worm on our network. We have antivirus software installed on each workstation, and it should be configured to obtain the latest virus definitions daily. However, we do not have an accurate way (today) of determining if workstations do in fact have the latest AV signatures, nor do we have a way of determining what workstations may be infected with viruses. Our shared folders on servers keep getting re-infected with the Elkern virus. Any help and suggestions would be appreciated. Thank you in advance, Lorraine . ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Elkern Worm Lorraine Cannavale (May 27)
- Re: Elkern Worm Terence Runge (May 27)
- <Possible follow-ups>
- Re: Elkern Worm Kenneth G. Arnold (May 27)