[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Re:OpenSSL Worm in the wild....

Subject: RE: [cobalt-users] Re:OpenSSL Worm in the wild....
From: "Devin Smith" <devinsmith@xxxxxxxxxxxxxxx>
Date: Sat Sep 14 08:34:00 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

I was just thinking, if someone was to be really sure about it, they
would also want to add the servertokens productonly line to their
/etc/admserv/conf/httpd.conf file also.  This would also change the
server response on port 81, the default port for the Cobalt admin page
(also Apache).  Theory suggests that variants of this worm will likely
appear, and one of them may look for alternate ports or scan known ports
like this one for multiple instances of Apache, as is the case on all
Cobalt machines.

Best of luck to all,

Devin

> Charlie Summers wrote:
> 
> >At 9:56 PM -0400 9/13/02, Rick Ewart is rumored to have typed:
> >
> >>Sorry for the cross-post, but it looks pretty important....
> >>
> >
> >   Also kinda old news. This additiona was suggested in a 
> post back in July
> >(check the archives for a post from Devin Smith subjected 
> "Re: Rebuilding
> >after Haq - No SSH"
> >
> This is a new  worm, discovered today. It's called the 
> "Linux.Slapper.Worm". See this link:

References:
- Re: [cobalt-users] Re:OpenSSL Worm in the wild....
  - From: Shaun T. Erickson

Prev by Date: Re: [cobalt-users] OpenSSL Worm in the wild....
Next by Date: RE: [cobalt-users] OpenSSL Worm in the wild....
Previous by thread: RE: [cobalt-users] Re: Re:OpenSSL Worm in the wild....
Next by thread: Re: [cobalt-users] OpenSSL Worm in the wild....

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index