On Wed, 19 Sep 2001, Bayard Coolidge USG wrote:
> My concern today is that we have been at least partially affected by
> this Code <color> virus ...
You mean the Nimda worm/virus? ("Admin" spelled backwards.) This one is
great. It attacks vulnerabilities in MS Outlook, MS IE, and MS IIS. It
mass-emails itself automatically. It harvests email addresses from your
system. It infects local executables. It sets itself to run at startup.
In installs the "Guest" account with admin privileges. It shares your hard
drive with the world. It scans the local IP subnet for vulnerable IIS
systems (unpatched, or nailed by Code Red II and not fixed) and infects
them.
My personal recommendation is: If you use Microsoft products, shutdown the
computer and don't turn it back on until you have replaced your Microsoft
software with someone else's.
--
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or |
| organization. All information is provided without warranty of any kind. |
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
