One of our standard procedures is to revoke execute on some packages from public, as recommended in the Database Administrator's Guide. It's page 715 of my copy (9i release 2). UTL_TCP is one of the packages that is recommended to revoke from public, which would help to stop this worm. Jay -----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Paul Drake Sent: Thursday, November 03, 2005 3:58 PM To: DGoulet@xxxxxxxx Cc: oracle-l@xxxxxxxxxxxxx Subject: Re: Oracle Worm On 11/3/05, Goulet, Dick <DGoulet@xxxxxxxx> wrote: > Just got the following link from an E-week news message. Think all of > us will be interested. > > http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038290 > .h > tml > > Or: > > http://tinyurl.com/9so5f > > Dick Goulet > Senior Oracle DBA > Oracle Certified DBA > -- **DISCLAIMER This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business. -- //www.freelists.org/webpage/oracle-l