The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #006 [Re: Yet more on the virus] (1 message, 769 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/006.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: Edward Vielmetti <emv@starbarlounge.cc.umich.edu>
To: [not phage]
Date: Thu 18:46:28 03/11/1988 EST
Subject: Re: Yet more on the virus
References: [Thread Prev: 003] [Thread Next: 009] [Message Prev: 383] [Message Next: 005]

I would suggest that you use the following order to clean out
the virus from your network, based on the fact that the
thing seems to hit hosts in the order of the /etc/hosts file.

Clean out 128.xxx.1.1 first, then 128.xxx.1.2, etc, making sure
that each one is safe down the line.  Fix hosts that are in the
nic published tables first. 


While you're at it, turn off anonymous FTP on your systems.

END OF DOCUMENT