[sdiy] OT: LION; new Linux BIND worm...
Drew Smith
drew at pctc.com
Fri Mar 23 19:02:46 CET 2001
Hey folks,
Off topic - but important.
Anyone running Linux on the internet, check your BIND version (use
named -v).
If you're anything other than 8.9.3-REL or 8.9.3-REL-NOESW, you really
gotta upgrade RIGHT NOW. There's a new worm making the rounds FAST, and
it's a nasty one. Takes the machine over, installs a rootkit, and
unlike the Ramen worm, it opens ports allowing anyone to take control of
your machine.
Details are at http://www.sans.org/y2k/lion.htm.
This is seriously urgent. My network has been scanned over 100 times
since YESTERDAY, by comprimised machines. If you find a directory
/usr/man/man1/man1/lib/.lib, you're already cracked - the URL above will
help.
Cheers,
- Drew.
--
Drew Smith, UNIX Network Administrator
Pacific Corporate Trust Company, Vancouver
More information about the Synth-diy
mailing list