RE: New virus outbreak.

• Previous message: Harlan Carvey: "Re: Solved !! "Girlnextdoor_" TCP Ports 1025/1028"
• Maybe in reply to: Danny: "New virus outbreak."
• Next in thread: KoRe MeLtDoWn: "RE: New virus outbreak."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Danny <Danny@drexel.edu>
To: 'Harlan Carvey' <keydet89@yahoo.com>, "'incidents@securityfocus.com'" <incidents@securityfocus.com>
Date: Mon, 10 Mar 2003 14:17:46 -0500

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I don't have direct access to any of these boxes, in fact I don't have any access other than being able to hit their non routable IP's from out network. So unfortunately the info I've given you guys is all I have.

Cheers
Danny
Network Security Engineer
Drexel University
PGP Print: C6AD B205 E3C6 38AB 0164 6604 66F5 CCFC F4ED F1E0
PGP Key: http://akasha.irt.drexel.edu/danny.asc
 

|->-----Original Message-----
|->From: Harlan Carvey [mailto:keydet89@yahoo.com]
|->Sent: Monday, March 10, 2003 9:18 AM
|->To: incidents@securityfocus.com
|->Subject: re: New virus outbreak.
|->
|->Danny,
|->
|->What else can you tell us about this?
|->
|->I checked McAfee's site for what you mentioned...
|->http://vil.mcafee.com/dispVirus.asp?virus_k=98963
|->
|->How do you know that this is misdetected? What
|->processes are running and are associated with what
|->you're seeing? What ports, if any, are opened? Have
|->you tried updating your A/V software, and re-running
|->the scan?
|->
|->__________________________________________________
|->Do you Yahoo!?
|->Yahoo! Tax Center - forms, calculators, tips, more
|->http://taxes.yahoo.com/
|->
|->-------------------------------------------------------------------------
|->---
|->
|-><Pre>Lose another weekend managing your IDS?
|->Take back your personal time.
|->15-day free trial of StillSecure Border Guard.</Pre>
|-><A href="http://www.securityfocus.com/stillsecure">
|->http://www.securityfocus.com/stillsecure </A>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBPmzlqWb1zPz07fHgEQJL5wCfRER/tLR4YtJelTqDVoLcBKy4iSoAoLXY
huNe7W2ZvdBtxrAo+qEqYooy
=RiYH
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------

<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>

• Previous message: Harlan Carvey: "Re: Solved !! "Girlnextdoor_" TCP Ports 1025/1028"
• Maybe in reply to: Danny: "New virus outbreak."
• Next in thread: KoRe MeLtDoWn: "RE: New virus outbreak."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: SPM2000$ Rouge Share - Information ... It is indeed created by Service Pack ... >Lose another weekend managing your IDS? ... >Take back your personal time. ... (Incidents) RE: Possible new backdoor: mspx-smss.exe ? ... Subject: Possible new backdoor: mspx-smss.exe? ... Lose another weekend managing your IDS? ... Take back your personal time. ... (Incidents) Increase in Scans of Port 445? ... Lose another weekend managing your IDS? ... Take back your personal time. ... 15-day free trial of StillSecure Border Guard. ... (Incidents) re: New virus outbreak. ... Do you Yahoo!? ... Lose another weekend managing your IDS? ... Take back your personal time. ... (Incidents)