[Full-Disclosure] request for help dealing with a netware outbreak

• Previous message: Alexander: "[Full-Disclosure] SecurityLab.Ru Report: The Top 10 Most Critical Vulnerabilities in May 2004"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Full-Disclosure <full-disclosure@lists.netsys.com>
Date: Sun, 30 May 2004 18:48:03 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Does anyone have any ready-made script in say, perl for example, to scan
and/or clean a certain virus from machines on a network, through
whatever a domain/active directory is called in netware. I suppose the
actual details of registry keys/files to remove/etc. can be changed.

Thanks in advance,

        Gadi Evron.

- --
Email: ge@linuxbox.org. Work: gadie@cbs.gov.il. Backup: ge@warp.mx.dk.
Phone: +972-50-428610 (Cell).

PGP key for attachments: http://vapid.reprehensible.net/~ge/Gadi_Evron.asc
ID: 0xD9216A06 FP: 5BB0 D3E2 D3C1 19B7 2104 C0D0 A7B3 1CF7 D921 6A06
GPG key for encrypted email:
http://vapid.reprehensible.net/~ge/Gadi_Evron_Emails.asc
ID: 0x06C7D450 FP: 3B88 845A DF1F 4062 E5BA 569A A87E 8DB7 06C7 D450
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)

iD8DBQFAuhA5qH6NtwbH1FARAu3MAJ0aauAzt7SX2w0onBh1+nIqzA9/OQCdFvD9
POG2Hlw88F1NwPsvBRHFKxA=
=I57O
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Previous message: Alexander: "[Full-Disclosure] SecurityLab.Ru Report: The Top 10 Most Critical Vulnerabilities in May 2004"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Mysterious file - WINXPINIT.EXE ... Symantec has released new virus defs on Sep 13: ... > Although I have not found this file on any machines on my network, ... > before and after plugging the server into the isolated network. ... (microsoft.public.security.virus) RE: Exchange 5.5 and relaying ... I have symantec antivirus corporate edition running and ... none of the machines have a virus. ... network that is abusing ... (microsoft.public.exchange.misc) Virus running through our network ... the Backdoor.Trojan virus popped its head into our network. ... it appeared as though it got them (even on the machines that didn't pop up ... Users having R/W rights? ... (microsoft.public.win2000.security) Re: MonaRonaDona ... without a virus checker then the longest it is likely to last before a ... anything on the internet or intranet. ... I'm not on a network, ... traffic each copy was generating looking for new uninfected machines to ... (microsoft.public.windowsxp.general) did microsoft ever release a tool for sasser like they did blaster... ... hey got a small problem with sasser we have a few machines ... out and about on the network with the virus on but its ... i noticed some time last year during the blaster crisis ... (microsoft.public.windowsxp.security_admin)