[PLUG] Slapper.C

Keith Nasman keith at ahapala.net
Tue Oct 1 17:27:06 UTC 2002


I just found one of my servers infected with the Slapper.C(Cinik) worm. 
This machine is totally up to date as far as Red Hat Network, which means 
openssl-0.9.6b-28.

I have read most of the threads in here on Slapper and I surmised that RH 
back-ported the appropriate fix. Apparently I was wrong, and now all my 
machines are exposed.

For more info:
http://isc.incidents.org/analysis.html?id=173
http://isc.incidents.org/analysis.html?id=167

Now, on to damage control mode :-/

Keith





More information about the PLUG mailing list