Redhat Worm?

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: KevinBrownkevin_brown@qwest.net
Date:  
Subject: Redhat Worm?
Looks to be an automated self propagating script. Uses lpr or wuftp
vulnerabilities to get in, closes the holes, installs a root kit and then tries
to find a new site to hit. So unlike a windows worm that just needs an idiot
user to propagate it, this one requires that the admin didn't close those two
holes by either upgrading the daemons or, as I do, shutting them
off/uninstalling the unnecessary rpms.

> > this bears reading folks....
> > looks like the cyberpunks are at it again. :(
> > http://www.theregister.co.uk/content/6/16168.html
>
> I always knew there was a connection between worms and ramen noodles.