Worm probes
Jared Mauch
jared at puck.Nether.net
Tue Sep 18 16:46:41 UTC 2001
I just got an e-mail with
Subject: Central Command News for 09/14/2001 (Virus Update Notification)
It had readme.exe attached to it. Obviously one should not
open this.
Time to create a new .procmail rule.
On Tue, Sep 18, 2001 at 11:23:30AM -0500, Tim Winders wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I just received this update from Sophos. Perhaps this is the virus that
> is spreading?
-- snip --
> Description:
>
> W32/Nimda-A is an email-aware virus that spreads using an
> attached filename of README.EXE.
>
> Sophos researchers are continuing to examine the virus and will
> be posting a more detailed description of the virus on the
> Sophos website once the analysis is complete.
--
Jared Mauch | pgp key available via finger from jared at puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the NANOG
mailing list