[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] DCOM
- To: <full-disclosure@lists.netsys.com>
- Subject: Re: [Full-Disclosure] DCOM
- From: "gregh" <chows@ozemail.com.au>
- Date: Wed, 13 Aug 2003 07:53:17 +1000
> ----- Original Message -----
> From: /m
> To: full-disclosure@lists.netsys.com
> Sent: Tuesday, August 12, 2003 6:24 AM
> Subject: Re: [Full-Disclosure] DCOM
> one of my boxes got dcom'd up last night.
You might be interested in http://vil.nai.com/vil/stinger/ where you can download Stinger which, copied direct from the web site, says:
-------------
Download Stinger.exe v1.8.0 [697,351 bytes] (8/11/2003)
or Download ePOStg179.Zip EPO deployable version (for EPO administrators) of Stinger v1.7.9. (version 1.8.0 with detection for W32/Lovsan.worm will be released shortly).
This version of Stinger includes detection for all known variants, as of August 11, 2003:
BackDoor-AQJBat/Mumu.wormIPCScan
IRC/Flood.apIRC/Flood.biIRC/Flood.cd
NTServiceLoaderPWS-SincomW32/Bugbear@MM
W32/Deborm.worm.genW32/Elkern.cavW32/Fizzer.gen@MM
W32/FunLoveW32/KlezW32/Lirva
W32/LovgateW32/Lovsan.wormW32/Mimail@MM
W32/MoFei.wormW32/Mumu.b.wormW32/Nimda
W32/Sdbot.worm.genW32/SirCam@MMW32/Sobig
W32/SQLSlammer.wormW32/Yaha@MM
-------------
Might be of some use to all here. I like it better than Symantec removal tools as it knows multiple tools in one hit and does whatever it can for them all in one pass rather than downloading a tool per new nasty.
BTW, I am not promoting them, just find running ONE removal tool for multiple things easier. Probably because I am lazy! ;-}
Greg.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html