[unisog] Re: OpenSSL worm in the wild

John Stauffacher stauffacher at chapman.edu
Mon Sep 16 19:06:41 GMT 2002

For anyone looking for the RedHat advisory:


Interestingly enough the packages for rh71 and below are missing (which
is why this box got hit in the first place). 

John Stauffacher
Network Administrator
Chapman University
stauffacher at chapman.edu

-----Original Message-----
From: Peter Van Epp [mailto:vanepp at sfu.ca] 
Sent: Monday, September 16, 2002 11:59 AM
To: John Stauffacher
Cc: unisog at sans.org
Subject: Re: [unisog] Re: OpenSSL worm in the wild

> We've had one so far: 
> Thanks goes to f-secure for their timely warning that the box was

	I guess that depends on your definition of timely :-) I just
(and answered) a notification from them of my machine compromised on
(and removed from the network Friday :-) ). To be fair I imagine they
just got 
the service up and are notifying the backlog many of which, unlike us,
have caught the infections yet.

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada

More information about the unisog mailing list