Re: And you thought you only had to worry about MSBlaster...
- From: "Jim Harrison" <jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 20 Aug 2003 13:28:53 -0700
I wasn't trying to address the "tagalong" viruses, just the causative worms.
I'll never try to hand you a script to remove a virus; the nature of the
beast dictates that a script is ineffective against them.
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: "John Tolmachoff (Lists)" <johnlist@xxxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, August 20, 2003 10:43
Subject: [isalist] Re: And you thought you only had to worry about
MSBlaster...
http://www.ISAserver.org
But does it cover RpcSpybot-*?
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
> -----Original Message-----
> From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Sent: Wednesday, August 20, 2003 10:18 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: And you thought you only had to worry about
MSBlaster...
>
> http://www.ISAserver.org
>
>
> Version 1.2 (released yesterday) handles Blaster variants .A - .E.
>
> Your reference is behind the times... ;-)
>
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://www.microsoft.com/isaserver
> http://isaserver.org/Jim_Harrison
> http://isatools.org
>
> Read the help, books and articles!
> ----- Original Message -----
> From: "John Tolmachoff (Lists)" <johnlist@xxxxxxxxxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Wednesday, August 20, 2003 08:17
> Subject: [isalist] And you thought you only had to worry about
MSBlaster...
>
>
> http://www.ISAserver.org
>
>
> >From the SANS newsletter:
>
>
>
> --Blaster Variants and the RpcSpybot Trojan are Spreading (13/14 August
> 2003) Two variants of the Blaster worm, Blaster.B and Blaster.C have been
> detected in Asia. Because of their similarity to the original worm,
> anti-virus scanners should detect them. In addition, a Trojan named
> RpcSpybot-A that exploits the same Windows vulnerability that Blaster
> exploits has been spreading. RpcSpybot creates a backdoor on systems it
> infects. http://www.pcworld.com/news/article/0,aid,112002,00.asp
>
> http://www.theregister.co.uk/content/56/32326.html
>
>
>
> Jim, version number what of the script are you on know?
>
>
>
> John Tolmachoff MCSE CSSA
>
> Engineer/Consultant
>
> eServices For You
>
> www.eservicesforyou.com
>
>
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> johnlist@xxxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
