[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Cleanining viruses from netware

Dowling, Gabrielle wrote:
Gadi....

What exactly are you encountering?

If you aren't running an av nlm on the server(s) in question, you should be able to map a drive to the system from even a workstation, and run a scan from there.

I'm not aware of anything that can actually infect a netware system, just things that can drop latent infectious content when write rights are relatively open.

What exactly are you dealing with?

A certain mass mailer which infected a netware network.

I've dealt with most of it, but I am looking for some script similar to what a friend of mine once wrote for active directory, using LDAP and running from a domain admin account.

The script scanned the network and remotely removed the infection... Which is what I am looking for, if one such as that already exist and can be shared.. only for netware.

Thanks for your answer,

Gadi Evron.


--
Email: ge@xxxxxxxxxxxxx  Work: gadie@xxxxxxxxxxx Backup: ge@xxxxxxxxxxx
Phone: +972-50-428610 (Cell).

PGP key for attachments: http://vapid.reprehensible.net/~ge/Gadi_Evron.asc
ID: 0xD9216A06 FP: 5BB0 D3E2 D3C1 19B7 2104 C0D0 A7B3 1CF7 D921 6A06
GPG key for encrypted email: http://vapid.reprehensible.net/~ge/Gadi_Evron_Emails.asc
ID: 0x06C7D450 FP: 3B88 845A DF1F 4062 E5BA 569A A87E 8DB7 06C7 D450

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html