On Sat, 26 Jul 2003 21:44:08 -0500
MKlinke <[EMAIL PROTECTED]> wrote:
> On Saturday 26 July 2003 19:10, Tom Pollerman wrote:
> > Hello,
> > I just received the e-mail below. The file attachment scans
> > positive for the Bugbear virus by F-prot.
> >
> &g
On Saturday 26 July 2003 19:10, Tom Pollerman wrote:
> Hello,
> I just received the e-mail below. The file attachment scans
> positive for the Bugbear virus by F-prot.
>
> /root/Mail/inbox/448->emails.doc.pif Infection: W32/[EMAIL PROTECTED]
>
> I've sent a m
On 26 Jul 2003 21:18:37 -0400
Ricky Boone <[EMAIL PROTECTED]> wrote:
> On Sat, 2003-07-26 at 20:10, Tom Pollerman wrote:
> > Hello,
> > I just received the e-mail below. The file attachment scans
> > positive for the Bugbear virus by F-prot.
> >
> &g
On Sat, 2003-07-26 at 20:10, Tom Pollerman wrote:
> Hello,
> I just received the e-mail below. The file attachment scans
> positive for the Bugbear virus by F-prot.
>
> /root/Mail/inbox/448->emails.doc.pif Infection: W32/[EMAIL PROTECTED]
>
> I've sent a m
Hello,
I just received the e-mail below. The file attachment scans
positive for the Bugbear virus by F-prot.
/root/Mail/inbox/448->emails.doc.pif Infection: W32/[EMAIL PROTECTED]
I've sent a message about it to Nick White.
You may want to loo
On Thursday 12 June 2003 23:49, Cliff Wells wrote:
> On Fri, 2003-06-06 at 07:07, Jonathan Bartlett wrote:
> > I'm sure most of you know this, but there's a simple way to detect
> > bugbear infections on your network using Linux, since it opens up
> > port 1080:
&
On Fri, 2003-06-06 at 07:07, Jonathan Bartlett wrote:
> I'm sure most of you know this, but there's a simple way to detect bugbear
> infections on your network using Linux, since it opens up port 1080:
>
> nmap -sT -p 1080 network/netmask
>
> For my internal network
Your firewall is blocking the output for the scan
iptables OUTPUT -P ACCEPT
Will fix that.
-Original Message-
From: Mark Neidorff [mailto:[EMAIL PROTECTED]
Sent: Sunday, June 08, 2003 10:02 AM
To: [EMAIL PROTECTED]
Subject: Re: Quick BugBear Detection
Here's what mine reports:
Here's what mine reports:
nmap -sT -p 1080 192.168.1.0/24
Starting nmap V. 2.54BETA31 ( www.insecure.org/nmap/ )
sendto in send_ip_raw: sendto(4, packet, 28, 0, 192.168.1.0, 16) =>
Operation not permitted
and this message keeps repeating (once for send_ip_raw and once for
send_tcp_raw) all the
On Fri, 2003-06-06 at 21:48, Cowles, Steve wrote:
> I have not seen the bugbear virus from this list, but trendmico is showing a
> new strain of bugbear making a comeback:
> Steve Cowles
I've been graced enough to receive both the Sobig and Bugbear - but I
actually find it rather a
On Fri, 2003-06-06 at 21:30, Martin Moss wrote:
> Is bugbear doing the rounds again?
> I'm getting several messages from people on this list with bugbear attached?
>
> Marty
It's a new variation, and it's dragging Windows boxes down along with
the networks that they li
Hi Jason,
I saw both...Open and Filtered..
I am trying to scan machines that has possible Bugbear virus...
thanks
-Original Message-
From: Gordon Messmer [mailto:[EMAIL PROTECTED]
Sent: Friday, June 06, 2003 9:11 AM
To: [EMAIL PROTECTED]
Subject: Re: Quick BugBear Detection
Jason
Mine said open.??
Gordon Messmer wrote:
>
> Jason Staudenmayer wrote:
> > Why would it also see that port open on a Linux box?
> > I ran netstat -an |grep 1080 but didn't see anything watching that port.
>
> Was it reported "open" or "filtered"? The latter will happen if you
> have a firewa
"Filtered"
So it sees the firewall dropping it. My INPUT policy is DROP
-Original Message-
From: Gordon Messmer [mailto:[EMAIL PROTECTED]
Sent: Friday, June 06, 2003 12:11 PM
To: [EMAIL PROTECTED]
Subject: Re: Quick BugBear Detection
Jason Staudenmayer wrote:
> Why woul
Jason Staudenmayer wrote:
Why would it also see that port open on a Linux box?
I ran netstat -an |grep 1080 but didn't see anything watching that port.
Was it reported "open" or "filtered"? The latter will happen if you
have a firewall set to DROP packets on that port.
--
redhat-list mailing l
.
> Using nmap -sT -v -p 1080"
>
> Any ideas>
> thanks
>
> -Original Message-
> From: Robert Canary [mailto:[EMAIL PROTECTED]
> Sent: Friday, June 06, 2003 7:35 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Quick BugBear Detection
>
> hmmm, I neve
Why would it also see that port open on a Linux box?
I ran netstat -an |grep 1080 but didn't see anything watching that port.
-Original Message-
From: Go, Jeffrey [mailto:[EMAIL PROTECTED]
Sent: Friday, June 06, 2003 11:46 AM
To: '[EMAIL PROTECTED]'
Subject: RE: Quick Bu
Subject: Re: Quick BugBear Detection
hmmm, I never seen nmap before, what is it?
Jonathan Bartlett wrote:
>
> I'm sure most of you know this, but there's a simple way to detect bugbear
> infections on your network using Linux, since it opens up port 1080:
>
> nmap -sT -
> > nmap is a port scanner for linux (and a pretty good one at that)
> >
> > Skip
> >
> > On Fri, 2003-06-06 at 10:35, Robert Canary wrote:
> > > hmmm, I never seen nmap before, what is it?
> > >
> > > Jonathan Bartlett wrote:
>
6-06 at 10:35, Robert Canary wrote:
> > hmmm, I never seen nmap before, what is it?
> >
> > Jonathan Bartlett wrote:
> > >
> > > I'm sure most of you know this, but there's a simple way to detect bugbear
> > > infections on your network using Linu
> I'm sure most of you know this, but there's a simple way to detect bugbear
> > infections on your network using Linux, since it opens up port 1080:
> >
> > nmap -sT -p 1080 network/netmask
> >
> > For my internal network I use
> >
> > nmap -s
hmmm, I never seen nmap before, what is it?
Jonathan Bartlett wrote:
>
> I'm sure most of you know this, but there's a simple way to detect bugbear
> infections on your network using Linux, since it opens up port 1080:
>
> nmap -sT -p 1080 network/netmask
>
>
I'm sure most of you know this, but there's a simple way to detect bugbear
infections on your network using Linux, since it opens up port 1080:
nmap -sT -p 1080 network/netmask
For my internal network I use
nmap -sT -p 1080 192.168.2.0/24
Jon
--
redhat-list mailing list
unsubscr
On Fri, Jun 06, 2003 at 12:30:30PM +0100, Martin Moss wrote:
>
> Is bugbear doing the rounds again?
> I'm getting several messages from people on this list with bugbear attached?
It's actually bugbear.b, a variant of the original but yes,
it has started spreading.
Emmanue
Hi all,
Our eMail-scanner sucessfully mounted 245 BugBears to /dev/null
between 08.00 and 14.00 CEST :-)
kind regards
Martin Mewes
--
# RedHat MailList FAQhttp://www.reznet.uleth.ca/faq/ #
# Deutsche Übersetzung http://www.mamemu.de/faq/redhat-list-german/ #
# Official Releas
On Friday 06 Jun 2003 12:30 pm, Martin Moss wrote:
> Is bugbear doing the rounds again?
> I'm getting several messages from people on this list with bugbear
> attached?
It's a new varient - BugBear-B. Many of the anti-virus houses already have
patches for it. Also, commo
> -Original Message-
> From: Martin Moss
> Sent: Friday, June 06, 2003 6:31 AM
> Subject: bugbear
>
> Is bugbear doing the rounds again?
> I'm getting several messages from people on this list with
> bugbear attached?
I have not seen the bugbear virus fro
Yes. It has been classed as a level 4 (with 5 being the highest) threat by
Symantec and 'High' by McAffee.
-Original Message-
From: Martin Moss [mailto:[EMAIL PROTECTED]
Sent: Friday, June 06, 2003 12:31 PM
To: [EMAIL PROTECTED]
Subject: bugbear
Is bugbear doing the rounds
Is bugbear doing the rounds again?
I'm getting several messages from people on this list with bugbear attached?
Marty
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
29 matches
Mail list logo