[unisog] Re: OpenSSL worm in the wild

Jordan K Wiens jwiens at nersp.nerdc.ufl.edu
Mon Sep 16 20:17:08 GMT 2002


You're looking at the wrong advisory; that one was deprecated by 160:

http://rhn.redhat.com/errata/RHSA-2002-160.html

Though it should certainly mention this in the headers of 155, I agree.

-- 
Jordan Wiens
UF Network Incident Response Team
(352)392-2061

On Mon, 16 Sep 2002, John Stauffacher wrote:

> For anyone looking for the RedHat advisory:
>
> http://rhn.redhat.com/errata/RHSA-2002-155.html
>
> Interestingly enough the packages for rh71 and below are missing (which
> is why this box got hit in the first place).
>
> ++
> John Stauffacher
> Network Administrator
> Chapman University
> stauffacher at chapman.edu
> 714-628-7249
>
> -----Original Message-----
> From: Peter Van Epp [mailto:vanepp at sfu.ca]
> Sent: Monday, September 16, 2002 11:59 AM
> To: John Stauffacher
> Cc: unisog at sans.org
> Subject: Re: [unisog] Re: OpenSSL worm in the wild
>
> >
> > We've had one so far:
> >
> > 206.211.137.29
> >
> > Thanks goes to f-secure for their timely warning that the box was
> hit...
>
> 	I guess that depends on your definition of timely :-) I just
> received
> (and answered) a notification from them of my machine compromised on
> Friday
> (and removed from the network Friday :-) ). To be fair I imagine they
> just got
> the service up and are notifying the backlog many of which, unlike us,
> won't
> have caught the infections yet.
>
> Peter Van Epp / Operations and Technical Support
> Simon Fraser University, Burnaby, B.C. Canada
>
>



More information about the unisog mailing list