North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Worm probes

  • From: Jared Mauch
  • Date: Tue Sep 18 12:57:13 2001

	I just got an e-mail with

 Subject: Central Command News for 09/14/2001 (Virus Update Notification)

	It had readme.exe attached to it.  Obviously one should not
open this.

	Time to create a new .procmail rule.

On Tue, Sep 18, 2001 at 11:23:30AM -0500, Tim Winders wrote:
> Hash: SHA1
> I just received this update from Sophos.  Perhaps this is the virus that
> is spreading?

-- snip --
> Description:
> W32/Nimda-A is an email-aware virus that spreads using an
> attached filename of README.EXE.
> Sophos researchers are continuing to examine the virus and will
> be posting a more detailed description of the virus on the
> Sophos website once the analysis is complete.

Jared Mauch  | pgp key available via finger from [email protected]
clue++;      |  My statements are only mine.