[Dshield] Linux.slapper variant
peter.stendahl-juvonen at welho.com
Wed Sep 25 11:32:50 GMT 2002
David, Jesper, John, Roger, et al.
Slapper.A, Slapper.B, ...
Security Alerts (at bottom left page), etc.
Global Slapper Worm Information Center, at
Virus Bulletins, at
About Slapper variants (descriptions, etc.), at
The OpenSSL security advisory is available at
CERT(r) advisory is available at:
Security advisories released by Linux vendors:
"To learn something new, take the path that you took yesterday."
John Burroughs (1837-1921); US author, naturalist.
David Kennedy wrote:
> There are, at least, two newer variants.
> The best technical description I've see so far is:
list-admin at dshield.org <mailto:list-admin at dshield.org> wrote on Tuesday,
September 24, 2002 6:50 PM: on behalf of: John Daniels [empty lines
> I just got this info from my AV vender, maybe it can help some one.
> 1. New Linux Vandal: Slapper
> * By blocking all unused ports, Slapper has no way of
> accessing your system (- Slapper attempt to enter a system
> by attacking port 2002). In case you are not using SSL, you
> should also block port 443.
About Slapper variants (descriptions, ports, etc.), at
> * If Slapper is already infecting your system, you may be
> able to shut it down by closing its process. The process is
> called ''.bugtraq''.
About Slapper variants (descriptions, ports, filenames, etc.), at
> John Daniels
> The boss said, dont forget before you work on it make sure you unplug
More information about the list