| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: pauls at utdallas.edu (Schmehl, Paul L) Subject: another new worm submission Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ > -----Original Message----- > From: Perrymon, Josh L. [mailto:PerrymonJ@....com] > Sent: Sunday, June 06, 2004 10:36 PM > To: 'Ron DuFresne'; Jerry Heidtke > Cc: Schmehl, Paul L; full-disclosure@...sys.com > Subject: RE: [Full-Disclosure] another new worm submission > > I agree. > > Anyone that would have those ports open has a *lot more to > worry about that cleaning a few worm infections. > That's not the case here. This infection was caused by a > remote user not a Lan user. > With several hundred laptops it's hard have 0 exposure. As > with any growing security practice and today's decreased > budgets areas of focus are determined on risk exposure. > > Anywho- > I found the Trojan to be backdoor.nibu.g- although Symantec > AV didn't pick it up until tonight. > > I think this is a good example that perimeter security is > only part of the battle. > Tomorrow's morning meeting will stress the importance of > desktop firewalls again and a good patch management process. > You can talk until your blue in the face to upper management > but I find 90% to be reactive. > I rest my case. Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/
Powered by blists - more mailing lists