[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] RE: First Dcom Worm on wild

To: <full-disclosure@lists.netsys.com>
Subject: [Full-Disclosure] RE: First Dcom Worm on wild
From: <fulldisclosure@catholic.org>
Date: Mon, 11 Aug 2003 20:46:30 -0000 (GMT)

Some of our /24 classes are being currently scanned for
port 135, customers are calling tech support for "unwanted"
system reboot, RPC error messages from failled exploitation
i assume.

Seems like the worm is gaining some speed (msbast.exe)
Anyone with a packet capture ?



-----------------------------------------

This email was sent using FREE Catholic Online Webmail.
http://webmail.catholic.org/




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] RE: [Full-Disclosure]Ooops-->was-->what to do
Next by Date: Re: [Full-Disclosure] attacks shutting down windows machines?
Prev by thread: [Full-Disclosure] RE: [Full-Disclosure]Ooops-->was-->what to do
Next by thread: [Full-Disclosure] [SECURITY] [DSA-371-1] New perl packages fix cross-site scripting
Index(es):
- Date
- Thread