[unisog] Super-hidden spamming exploits?
Suzanne_Dawley at brown.edu
Thu Sep 25 18:01:33 GMT 2003
Best practice is to backup data only, reformat hard disk, reload OS and
patch, install antivirus and update, and then reinstall all apps.
It's time consuming but the only effective way to regain ownership of
the box. It's less time consuming than dealing with the same incident
IT Security Group
Brown University CIS
Providence, RI 02912
From: Rita Seplowitz Saltz [mailto:rita at Princeton.EDU]
Sent: Thursday, September 25, 2003 10:37 AM
To: unisog at sans.org
Subject: [unisog] Super-hidden spamming exploits?
We've seen a number of student-owned MS Windows machines exploited by
spammers, even after the "usual suspects" have been addressed
(administrator password, backdoors, remote code, spyware, assorted
viruses) and the systems are believed to have been locked down securely.
Has anyone else seen this kind of thing? And, if so, have you any
helpful insights to offer?
[now] Senior Policy Advisor
Office of Information Technology (OIT)
rita at princeton.edu
More information about the unisog