slapper worm
Gene Heskett
gene.heskett at verizon.net
Wed Jan 25 05:54:17 UTC 2006
On Tuesday 24 January 2006 15:29, Mike McCarty wrote:
>Mike McCarty wrote:
>> Gene Heskett wrote:
>>> On Tuesday 24 January 2006 14:20, Mike Klinke wrote:
>>>> On Tuesday 24 January 2006 13:08, Mike McCarty wrote:
>>>>> I'm a little shocked at this, frankly. I Googled around, and
>>>>> found mentions of the Slapper going back to 2002. Why is it that
>>>>> this exploit (and variations of it) haven't all been stamped
>>>>> out years ago?
>>>>
>>>> Read the link I posted yesterday, according to them, it's been
>>>> rewritten to exploit new ways to get in to your box.
>>>>
>>>> http://www.lurhq.com/slapperv2.html
>>>
>>> If this file mentioned on the site doesn't exist on any of my
>>> systems, is it safe to assume relative safety against this attack?
>>>
>>> I would think so when combined with the ISP's (vz) blocking of port
>>> 80, but what do I know... Thats why I asked, Mike.
>>
>> I suppose you mean "Mike Klinke" and not "Mike McCarty" :-)
>>
>> I dunno. I just ran
>>
>> # find / -nmae xmlrpc.php -print
>
>What I get for typing that in instead of cut and paste.
>Of course, that was "name" not "nmae".
>
Chuckle. A classic example of hindsight being 20-10 or better. It
happens to the best of us.
>Mike
--
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules. I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.
More information about the fedora-legacy-list
mailing list