[NBLUG/talk] openssh exploit?
Kyle Rankin
kyle at nblug.org
Tue Sep 16 11:36:01 PDT 2003
On Tue, Sep 16, 2003 at 11:31:05AM -0700, Scott Doty wrote:
> On Tue, Sep 16, 2003 at 10:41:33AM -0700, Mitch Patenaude wrote:
> > According to the buzz (Slashdot and the full disclosure list), there is
> > an active exploit in the wild -- a worm. Several ISPs have starting
> > blocking port 22 both because of root exploits on their servers, and
> > because the worm actively makes MANY connection requests looking for
> > the right offset, creating a DOS.
>
> Question: how can one determine if a system has the worm?
>
> -Scott
Until there is definitive information that a worm does exist, and perhaps
example code and/or analysis of the worm, there's no real way of telling.
Apparently there are reports that the worm uses a lot of bandwidth trying
to spread, but again, nothing confirmed.
--
Kyle Rankin
NBLUG President
The North Bay Linux Users Group
http://nblug.org
IRC: greenfly at irc.freenode.net #nblug
kyle at nblug.org
More information about the talk
mailing list