lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <B7C2C6BA798F3C4DBDD78BEDC1F8AD5709637665@nycmb01.law.sullcrom.com>
From: dowlingg at sullcrom.com (Dowling, Gabrielle)
Subject: Cleanining viruses from netware

A certain mass maier that infected a netware environment?  And you have a buddy to fix it?

Please talk about the mass mailer. You think is inplay,

G

-----Original Message-----
From: Gadi Evron <ge@...tistical.reprehensible.net>
To: Full-Disclosure <full-disclosure@...ts.netsys.com>
CC: Dowling, Gabrielle <dowlingg@...lcrom.com>
Sent: Mon May 31 09:53:39 2004
Subject: Re: [Full-Disclosure] Cleanining viruses from netware

Dowling, Gabrielle wrote:
> Gadi....
> 
> What exactly are you encountering?
> 
> If you aren't running an av nlm on the server(s) in question, you should be able to map a drive to the system from even a workstation, and run a scan from there.
> 
> I'm not aware of anything that can actually infect a netware system, just things that can drop latent infectious content when write rights are relatively open.
> 
> What exactly are you dealing with?

A certain mass mailer which infected a netware network.

I've dealt with most of it, but I am looking for some script similar to 
what a friend of mine once wrote for active directory, using LDAP and 
running from a domain admin account.

The script scanned the network and remotely removed the infection... 
Which is what I am looking for, if one such as that already exist and 
can be shared.. only for netware.

Thanks for your answer,

	Gadi Evron.


-- 
Email: ge@...uxbox.org.  Work: gadie@....gov.il. Backup: ge@...p.mx.dk.
Phone: +972-50-428610 (Cell).

PGP key for attachments: http://vapid.reprehensible.net/~ge/Gadi_Evron.asc
ID: 0xD9216A06 FP: 5BB0 D3E2 D3C1 19B7 2104  C0D0 A7B3 1CF7 D921 6A06
GPG key for encrypted email: 
http://vapid.reprehensible.net/~ge/Gadi_Evron_Emails.asc
ID: 0x06C7D450 FP: 3B88 845A DF1F 4062 E5BA  569A A87E 8DB7 06C7 D450




**********************************************************************
This e-mail is sent by a law firm and contains information
that may be privileged and confidential. If you are not the 
intended recipient, please delete the e-mail and notify us 
immediately. 
***********************************************************************

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040601/4ee1b4b3/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ