Re: Ramen Net Worm alert !
On Fri, Jan 19, 2001 at 09:16:24AM -0500, Noah L. Meyerhans wrote:
:
:From what I gather you don't even need to do that. The worm seems to
:have hardcoded offsets to specifically take advantage of the Redhat
:builds. So even if you're running a vulnerable version of the software
:you're not likely to be bitten with this.
I suspected this, but caution is the better part of valor or something
like that...
:be hard to reconfigure the worm to be effective against Debian, but it
:probably wouldn't be worth it. There are a lot more clueless Redhat
:admins out there than clueless Debian admins.
:Plus, as you point out, we've got apt-get and security.debian.org.
True, should we have "Debian Certified GNU/Linux Admin" certificates :)
:Incedentally, machines under my control have been probed several times
:over the past few days. The worm does appear pretty wide spread.
Perhaps it's because I'm such a high profile target anyway, but I
can't see the difference, though maybe I'm getting a statd attack
every 2 days rather than 3...
-Jon
Reply to: