No subject


Thu Nov 23 16:36:19 EST 2017


"Microsoft has determined that these attacks do not appear to exploit any
new product-related security vulnerabilities and do not appear to be viral
or worm-like in nature," the software giant stated in an advisory posted
late Friday. "Instead, the attacks seek to take advantage of situations
where (proper) precautions have not been taken." 

http://news.com.com/2100-1001-957159.html?tag=fd_top

- Jeff


> -----Original Message-----
> From: Matt Yackley [mailto:Matt.Yackley at ...5858...]
> Sent: Friday, September 06, 2002 4:39 PM
> To: 'Mike Shaw'; 'snort-users at lists.sourceforge.net'
> Subject: RE: [Snort-users] WIN2K IRC Trojan
> 
> 
> Still trying to find out myself, this article from Wired 
> seems to have the
> most actual info I have seen yet, but its not much....
> http://www.wired.com/news/technology/0,1282,54942,00.html
> 
> Also the information in the article is more of what the 
> trojans do, but so
> far I haven't seen any info on how the trojans get planted in 
> the first
> place.....
> 
> I'm guessing that someone is taking advantage of 
> CR/Nimda/SQLSnake infected
> machines to get in and plant this updated IRC backdoor... 
> Well that's my
> theory anyway :)
> 
> Matt
> 
> -----Original Message-----
> From: Mike Shaw [mailto:mshaw at ...3165...]
> Sent: Friday, September 06, 2002 3:14 PM
> To: Ian Macdonald; F.M. Taylor; snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] WIN2K IRC Trojan
> 
> 
> What are the details on the trojan?  I may have a copy on the way.
> 
> -Mike
> 
> At 03:53 PM 9/6/2002 -0400, Ian Macdonald wrote:
> >If anyone has any details on how this works please send them to the
> >snort-sigs mailing list so we can write some sigs.
> >
> >Ian
> >----- Original Message -----
> >From: "F.M. Taylor" <root at ...28...>
> >To: <snort-users at lists.sourceforge.net>
> >Sent: Friday, September 06, 2002 3:11 PM
> >Subject: [Snort-users] WIN2K IRC Trojan
> >
> >
> > >
> > > Dudez, wtf is up with this trojan/hack/bot/win2k exploit 
> that seems to
> be
> > > speading itself fairly rapidly.  Is there a sig for this 
> yet?  Does
> anyone
> > > even know how this thing is being spread??
> > >
> > >
> > > --
> > > Mike Taylor
> > > Coordinator of Systems Administration and Network Security
> > > Indiana State University.               Rankin Hall Rm 053
> > > 210 N 7th St.                           Terre Haute, IN.
> > > SANS GSEC  http://www.sans.org/
> > >
> > >
> > >
> > > -------------------------------------------------------
> > > This sf.net email is sponsored by: OSDN - Tired of that same old
> > > cell phone?  Get a new here for FREE!
> > > https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
> > > _______________________________________________
> > > Snort-users mailing list
> > > Snort-users at lists.sourceforge.net
> > > Go to this URL to change user options or unsubscribe:
> > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > Snort-users list archive:
> > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> > >
> >
> >
> >
> >-------------------------------------------------------
> >This sf.net email is sponsored by: OSDN - Tired of that same old
> >cell phone?  Get a new here for FREE!
> >https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
> >_______________________________________________
> >Snort-users mailing list
> >Snort-users at lists.sourceforge.net
> >Go to this URL to change user options or unsubscribe:
> >https://lists.sourceforge.net/lists/listinfo/snort-users
> >Snort-users list archive:
> >http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 
> 
> 
> -------------------------------------------------------
> This sf.net email is sponsored by: OSDN - Tired of that same old
> cell phone?  Get a new here for FREE!
> https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 
> 
> -------------------------------------------------------
> This sf.net email is sponsored by: OSDN - Tired of that same old
> cell phone?  Get a new here for FREE!
> https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 




More information about the Snort-users mailing list