[unisog] Re: OpenSSL worm in the wild

John Stauffacher stauffacher at chapman.edu
Mon Sep 16 19:06:41 GMT 2002


For anyone looking for the RedHat advisory:

http://rhn.redhat.com/errata/RHSA-2002-155.html

Interestingly enough the packages for rh71 and below are missing (which
is why this box got hit in the first place). 

++
John Stauffacher
Network Administrator
Chapman University
stauffacher at chapman.edu
714-628-7249

-----Original Message-----
From: Peter Van Epp [mailto:vanepp at sfu.ca] 
Sent: Monday, September 16, 2002 11:59 AM
To: John Stauffacher
Cc: unisog at sans.org
Subject: Re: [unisog] Re: OpenSSL worm in the wild

> 
> We've had one so far: 
> 
> 206.211.137.29
> 
> Thanks goes to f-secure for their timely warning that the box was
hit...

	I guess that depends on your definition of timely :-) I just
received
(and answered) a notification from them of my machine compromised on
Friday
(and removed from the network Friday :-) ). To be fair I imagine they
just got 
the service up and are notifying the backlog many of which, unlike us,
won't 
have caught the infections yet.

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada



More information about the unisog mailing list