Vulnerability Development mailing list archives

Re: New worm?

From: mpotter () ATPCO COM (Matthew R. Potter)
Date: Thu, 4 May 2000 15:47:30 -0400


We were generally unscathed here. I have my PC people disable the ability
to run .vbs on the Win 98 machines here. I think that one proactive step
saved me TONS of work. A few silly souls here opened attachments and got
hit, but they for the most part were not running outlook so it could not
further spread. I think maybe 20 out of 1000 machines here. And with a
little creative rulesets in sendmail.cf and a perls cript I was able to
purge any ones coming in or on the mail server.

Now the FBI/NPIC is saying 100 million dollars in damage. Uhh arent they
accountants over there? Where are they getting this figure? Seems like a
little panic to me. Yeah it;s a pain but how could they(or anyone) have
prevented this?

Matt

Current thread:

Re: New worm? Greene, Patrick (May 04)
- <Possible follow-ups>
- Re: New worm? Jim Swanson (May 04)
  - Re: New worm? Matthew R. Potter (May 04)
    - Re: New worm? Bluefish (May 05)
- Re: New worm? mick chang (May 04)
- Re: New worm? Rich Corbett (May 04)
- Re: New worm? Edwin Concepcion (May 04)
- Re: New worm? Todd C. Campbell (May 10)
- Re: New worm? Dan Schrader (May 11)
  - Re: New worm? Dimitry Andric (May 12)
    - Re: New worm? Thierry Zoller (Apr 13)
    - ScriptGuard Crispin Cowan (May 16)
    - Re: ScriptGuard Thierry Zoller (Mar 16)

(Thread continues...)