Re: Ramen Net Worm alert !

["Jonathan D. Proulx" <jon@ai.mit.edu>]

On Fri, Jan 19, 2001 at 09:16:24AM -0500, Noah L. Meyerhans wrote:
:
:From what I gather you don't even need to do that.  The worm seems to
:have hardcoded offsets to specifically take advantage of the Redhat
:builds.  So even if you're running a vulnerable version of the software
:you're not likely to be bitten with this.  

I suspected this, but caution is the better part of valor or something
like that...

:be hard to reconfigure the worm to be effective against Debian, but it
:probably wouldn't be worth it.  There are a lot more clueless Redhat
:admins out there than clueless Debian admins.

:Plus, as you point out, we've got apt-get and security.debian.org.

True, should we have "Debian Certified GNU/Linux Admin" certificates :)

:Incedentally, machines under my control have been probed several times
:over the past few days.  The worm does appear pretty wide spread.

Perhaps it's because I'm such a high profile target anyway, but I
can't see the difference, though maybe I'm getting a statd attack
every 2 days rather than 3...

-Jon