HP3000-L Archives

September 2001, Week 3

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
W32/Nimda worm
From:
Mike Hornsby <[log in to unmask]>
Reply To:
Mike Hornsby <[log in to unmask]>
Date:
Fri, 21 Sep 2001 12:20:47 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (18 lines) 
Many of you are well aware of the "W32/Nimda worm" or the "Concept Virus (CV) v.5." If not, I strongly suggest :http://www.cert.org/advisories/CA-2001-26.html

I have written a simple freeware program to string search and summarize the server logs, in this case for the virus footprint (root.exe & cmd.exe). This can be useful for identifying internal and external infected systems. Even if you are not using Apache on the HP3000, you can upload other server logs to the HP3000, and use this program to scan those logs.

If you are interested please email me and I will send you my Logscan program and instructions.

Cordially,


Mike Hornsby
Co-founder/Chief Technical Officer
Beechglen Development Inc. (beechglen.com)
513-922-0509
[log in to unmask]

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2