Make sure the computer is off line until you get the patches applied -
learned this through hard experience!
At 03:11 PM 11/1/2001 -0500, you wrote:
>Very frustrating. bard.cal.msu.edu is my box. It was hit by nimda in
>It was formatted and reloaded from a sept 8 backup, fully patched
>microsoft downloads and yet it has been exploited again. I am obviously
>something but I don't know what. I had noticed unusual activity and had
>off the wire before Gene's email went out. I was probed by 188.8.131.52 and
>184.108.40.206 but my log shows 404's so I don't know how the heck they got in.
>Any help in buttoning this up would be much appreciated.
>Arts and Letters
Cheryl Akers, MS, CNA - [log in to unmask]
Microcomputer Support - Microbiology and Molecular Genetics
Michigan State University
East Lansing, MI 48824