|
|
ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #053 [Re: Disassembled virus?] (1 message, 620 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/053.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: "Matt Crawford" <matt@oddjob.uchicago.edu>
To: phage
Date: Sat 10:30:06 05/11/1988 EST
Subject: Re: Disassembled virus?
References:
[Thread Prev: 055]
[Thread Next: 079]
[Message Prev: 048]
[Message Next: 399]
>> It now looks like two of our machines were infected after all, but we >> didn't notice any particularly abberant behavior during the time at which >> they should have been infected, and I'm trying to figure out why this >> beastie seems to have made it in, but was unable to do anything beyond that. Same here. Several machines were obviously hit, but another had been entered about 6 times without anything appearing to have happened. There were traces of deleted files in /usr/tmp and entries of the smtp transactions in syslog, but no other symptoms. This was on a sun-3/280 running sunos 3.5 with an "average" number of local mods. Matt
END OF DOCUMENT
| ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved. |