MSUNAG Archives

MSUNAG Archives


View:

Next Message | Previous Message
Next in Topic | Previous in Topic
Next by Same Author | Previous by Same Author
Chronologically | Most Recent First
Proportional Font | Monospaced Font

Options:

Join or Leave MSUNAG
Reply | Post New Message
Search Archives


Subject: Re: nimda-e worm
From: Peter Chin <[log in to unmask]>
Reply-To:MSU Network Administrators Group <[log in to unmask]>
Date:Thu, 1 Nov 2001 15:42:03 -0500
Content-Type:text/plain
Parts/Attachments:
Parts/Attachments

text/plain (21 lines) 


Before you try scrubbing your server again I would recommend throughly checking your workstations.

Nimda is not a server-only worm like some of it's predecessors, which took advantage of the same IIS vulnerabilities.  There is a potent workstation component that spreads via email, network shares and infected web sites.

If you have an infected desktop that accesses your server it could be dropping and/or modifying files on your server.

here Network associates blurb on it:
http://vil.nai.com/vil/virusSummary.asp?virus_k=99209



Peter Chin
Network Administrator

Office of the Controller
Michigan State University
146 Administration Building
East Lansing, MI 48824

Ph. (517) 353-4443
Fx. (517) 353-1046

Back to: Top of Message | Previous Page | Main MSUNAG Page

Permalink


LIST.MSU.EDU

CataList Email List Search Powered by the LISTSERV Email List Manager