-
March 26th, 2003, 12:30 PM
#1
Junior Member
-
March 26th, 2003, 12:36 PM
#2
Nimda was (is) a worm that is still spreading around the net http://www.symantec.com/avcenter/ven...imda.a@mm.html
maybe contact the admin of the IP and tell them that they could be infected with a strain of the Nimda worm if your firewall is blocking it you shouldnt have anything to worry about
By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
The 20th century pharoes have the slaves demanding work
http://muaythaiscotland.com/
-
March 26th, 2003, 04:23 PM
#3
This ties in with a different thread I started:
Broadband & ISP Security
One of the attack vectors of Nimda relies on unpatched IIS systems. In some versions of Windows IIS installs by default so users may not even be aware that its running. Whether they are aware they have IIS or not, many home users don't patch their systems. As they move to broadband and leave their computers on the Internet 24/7 they are sitting ducks.
It would help to contact the ISP and alert them and hopefully they will do something. I have found that whether things are dealt with at all and how efficiently they are dealt with varies widely from ISP to ISP. It can become an exhausting exercise in futility to try and follow up on every Nimda-infected IP that hits your system.
-
March 26th, 2003, 04:36 PM
#4
Originally posted here by tonybradley
It would help to contact the ISP and alert them and hopefully they will do something. I have found that whether things are dealt with at all and how efficiently they are dealt with varies widely from ISP to ISP. It can become an exhausting exercise in futility to try and follow up on every Nimda-infected IP that hits your system.
I agree. But it doesn't hurt to try. I send out about 20-25 abuse emails a day about these kinds of infections. Some reply, some dont, some get killed ;-)
-
March 26th, 2003, 10:42 PM
#5
evan when you clean nimba i find it leave files in your system there are to types .eml and .nws do a*find just in case you have those files in your sytem.if yodo delete them
-
March 26th, 2003, 11:08 PM
#6
your fire walls blocking them...dont worry about it. If you feel like trying to inform those infected thats fine but we all get this.
one thing though if you decide to vist their web-site to see how to contact them make sure you have scripting turned off. you can get infected from a java script on their web page even if you dont have iis installed.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|