| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <00a601c360b9$10bc0680$186310ac@beast24> From: mike at blakogre.com (Mike Vasquez) Subject: [fd] AW: attacks shutting down windows machines? I wouldn't go by such anecdotal evidence as shutdown/reboot times. Check your event viewer logs for RPC/DCOM errors, monitor your network traffic, check for the suspicious files on the systems, scan for the ports opened by the worm, etc.... Mike ----- Original Message ----- From: <vogt@...senet.com> To: <mjcarter@...g.co.nz>; <full-disclosure@...ts.netsys.com> Sent: Tuesday, August 12, 2003 2:14 AM Subject: [fd] AW: [Full-Disclosure] attacks shutting down windows machines? > > Are they getting the windows shut down prompt? If so I would suggest > > that they aren't patched against the RPC DCOM vul and are infected or > > even if they aren't getting a prompt I think it's still > > highly possible > > Yes, it looks very much like the worm. However, someone here mentioned that > it takes about 1 min. for windos to crash (can't they do even that right? :) > ). > What we are seing are very rapid reboots, at most 20 seconds. > > > I'll put it on the worm for now. > > > Tom Vogt > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists