The problem I see with that, and maybe I'm wrong, is that just like our own
login scripts and such, I doubt any virus would use C:\WINNT as a path.
Instead, it would likely use variables like %SystemRoot%.
Evan
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 5:39 PM
To: NT System Admin Issues
Subject: RE: Microsoft Has Nimda
Hmmmmmm...
Takes notes...
(And not LOTUS notes...)
> -----Original Message-----
> From: Clayton [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 20, 2001 6:32 PM
> To: NT System Admin Issues
> Subject: RE: Microsoft Has Nimda
>
>
> How many people out there still install Windows (what ever
> version) into
> the Winnt or Windows directory? How many of these stupid
> worms would die
> if Windows was installed into a directory with some other name?
> Hmmmmmmmm.
>
> Clayton Doige
> IT Manager MCSE, MCP + I
> Gameday International N.V.
> Bound in a nutshell, King of infinite space...
>
> T: +5 999 736 0309 ext 4537
> C: +5 999 563 1845
> F: +5 999 733 1259
> E: [EMAIL PROTECTED]
>
>
> -----Original Message-----
> From: McCarthy, Kathleen [mailto:[EMAIL PROTECTED]]
> Sent: September 20, 2001 3:46 PM
> To: NT System Admin Issues
> Subject: RE: Microsoft Has Nimda
>
> Hey, I agree too. From what I've read about Nimda thus far, it uses
> exploits that there have been patches out for for months. And the
> spreading
> through file sharing issue takes advantage of systems that haven't
> locked
> down their permissions. I've kept my servers and workstations patched
> with
> the most current and I lock down my machines - I don't leave
> any default
> permissions, I remove/disable services that aren't needed, etc. I
> haven't
> been infected by anything for over 2 years now - but I have plenty of
> logs
> to show that I've been attacked, just none have been successful as of
> yet.
>
> I'm sure that there are/will be worms developed to exploit
> vulnerabilities
> that there aren't already patches for, but it seems to me that the
> majority
> of the worms circulating all exploit vulnerabilities that there are
> already
> fixes for. If someone gets hit with something there are
> already patches
> for,
> I can't feel sorry for them.
>
> Kathleen McCarthy
>
> -----Original Message-----
> From: John Hornbuckle [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 20, 2001 14:15
> To: NT System Admin Issues
> Subject: RE: Microsoft Has Nimda
>
> I was beginning to think I was the only person who held this opinion!
>
>
> http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
>
> http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
>
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
