Worm probes
Tim Winders
twinders at SPC.cc.tx.us
Tue Sep 18 16:23:30 UTC 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I just received this update from Sophos. Perhaps this is the virus that
is spreading?
=== Tim
**********************************************
Tim Winders, MCSE, CNE, CCNA
Associate Dean of Information Technology
South Plains College
Levelland, TX 79336
Phone: 806-894-9611 x 2369
FAX: 806-894-1549
Email: TWinders at SPC.cc.tx.us
**********************************************
Date: Tue, 18 Sep 2001 16:45:07 +0100 (BST)
From: Sophos Alert System <listmaster at sophos.com>
Reply-To: sophos-list-bounce at sophos.com
To: Undisclosed recipients: ;
Subject: Sophos Anti-Virus IDE alert: W32/Nimda-A
Name: W32/Nimda-A
Type: W32 executable file virus
Date: 18 September 2001
A virus identity file (IDE) which provides protection is
available now from our website and will be incorporated
into the November 2001 (3.51) release of Sophos Anti-Virus.
Sophos has received many reports of this virus from the wild.
Description:
W32/Nimda-A is an email-aware virus that spreads using an
attached filename of README.EXE.
Sophos researchers are continuing to examine the virus and will
be posting a more detailed description of the virus on the
Sophos website once the analysis is complete.
Download the IDE file from
http://www.sophos.com/downloads/ide/nimda-a.ide
Read the analysis at
http://www.sophos.com/virusinfo/analyses/w32nimdaa.html
Download a ZIP file containing all the IDE files available for
the current version of Sophos Anti-Virus from
http://www.sophos.com/downloads/ide/ides.zip
Read about how to use IDE files at
http://www.sophos.com/downloads/ide/using.html
To unsubscribe from this service please visit
http://www.sophos.com/virusinfo/notifications
On Tue, 18 Sep 2001, Mark Radabaugh - Amplex wrote:
>
> Follow up...
>
> The web page on infected servers includes a script to send and open the
> file 'readme.exe' on windows machines. I do not know the details of
> when the executable does yet.
>
> Mark
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (OSF1)
Comment: Made with pgp4pine 1.76
iEYEARECAAYFAjundQUACgkQTPuHnIooYby+TwCfQcCXMSbLg1K/kmVXC9tS8DRR
e/AAn3wEKbB8Us2u2B39YBT5couH5EcE
=VXKa
-----END PGP SIGNATURE-----
More information about the NANOG
mailing list