[unisog] Super-hidden spamming exploits?

Jordan Wiens jwiens at nersp.nerdc.ufl.edu
Thu Sep 25 15:26:54 GMT 2003


We've been seeing a lot of this recently as well.  Really annoying since
cleaning up from a student compromise requires a lot more hand-holding
than a professionally administered machine.

I suspect recent IE vulnerabilities.  See the full-disclosure thread about
aim password grabbing.

-- 
Jordan Wiens, CISSP
UF Network Incident Response Team
(352)392-2061

On Thu, 25 Sep 2003, Rita Seplowitz Saltz wrote:

> Greetings.
>
> We've seen a number of student-owned MS Windows machines exploited by
> spammers, even after the "usual suspects" have been addressed
> (administrator password, backdoors, remote code, spyware, assorted
> viruses) and the systems are believed to have been locked down securely.
>
> Has anyone else seen this kind of thing?  And, if so,  have you any
> helpful insights to offer?
>
> Thanks,
>
> Rita Saltz
> [now] Senior Policy Advisor
> Office of Information Technology (OIT)
> Princeton University
> rita at princeton.edu
>



More information about the unisog mailing list