After upgrading from 7.2 to 7.3 I noticed that I had no drive space. I assumed that the upgrade used much of the drive to store temp files, but it appeared to me that I had plenty of space. Then I discovered that I had been infected by Slapper variant A (.uubugtaq). I downloaded the RH patches, but had difficulty applying them because the system thought it had to space. Finally, I installed in single-user mode. I thought all was well for a few minutes, but I'm out of space again.
Does slapper spoof the system into thinking that it has no space? Might I have another virus? Mark >>> [EMAIL PROTECTED] 09/24/02 17:36 PM >>> For those that may not have heard, there is already a new version of slapper out in the wild. I run multiple servers and had forgotten I ran SSL on one of them, so I got infected with it. :-( Anyway the new variant is called: cinik. It stores itself in the same directory (/tmp) but now all the filenames are .cinik.c .cinik, etc. This thing runs on UDP port 1978. This is also a broken one in that it will simply take down your internet connection totally even before an attack is launched. I would HIGHLY suggest people block off UDP port 1978 if they don't NEED it for something else. This variant still uses the same backdoor the original slapper worm did, so an upgrade of SSL should fix the problem. Some work has definately been done on this to make it a little harder to find. (It even says so in the opening comments.) hehehe. Just a heads up for everyone. - Matt -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list