[ale] RED HAT WORM
Frank Zamenski
fzamenski at voyager.net
Sun Jan 21 04:46:47 EST 2001
>
> On Sat, Jan 20, 2001 at 12:12:01AM -0500, Bob wrote:
> > This worm can infect Red Hat 6.2 and Red Hat 7 running on Intel systems
> > and deface web sites.
>
> RedHat 6.2 systems which have not been kept up to date and
> RedHat 7.0 First Edition. RedHat 7.0 Second Edition (Respin) is not
> vulnerable or is RedHat 6.2 if the updates have been applied. You're
> also safe from the worm (but not the exploits it uses) if you don't
> have ftp enabled. It uses ftp to decide if you are vulnerable or not.
> It does not need anonymous ftp access to do so, either, it only needs
> the ftp banner.
>
> Mike
"... it only needs the ftp banner."
(I almost hate to ask. :) Ok, why not just remove the banner?
-fgz
> --
> Michael H. Warfield | (770) 985-6132 | mhw at WittsEnd.com
> (The Mad Wizard) | (678) 463-0932 |
http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
>
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message
body.
>
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list