worm infection on linux host ? was: port 80 access while downloading over ppp ?
Thanks all.
It was nearly for sure the "Code Red II" worm. So it's still around....
I'll try nmap and snort, thanks, James.
This was a good opportunity to learn sth new.
I'm not sure if i should block those worMS at all !
I wonder if any serious danger to a _linux_ machine (no server) is out there.
I didn't hear that by now. What could they do ? Does anybody know ?
I hope checking permissions and suid's, enforcing sudo, no passwords laying
around and such things would be enough ?
But a worm still could scan or delete user-data ?
--
mi <mrl>
Reply to: