On Saturday 29 June 2002 23:51, you wrote:
> ----- Original Message -----
> From: "Bill" <bill@organic-earth.com>
> To: <slug@nks.net>
> Sent: Saturday, June 29, 2002 3:14 PM
> Subject: [SLUG] Apache Worm
>
> > So what, exactly, does the Apache worm do?
> >
> > I am running the advanced extranet version of Apache and the tripwire.cfg
> > file has gone missing.
> >
> > I got the OpenSSH upgrade made but it doesn't look like I moved fast
>
> enough
>
> > for the Apache exploit.
>
> I thought the current version of the new Apache worm only spread to
> FreeBSD?
The reports are somewhat unclear as to what is, and what is not, affected. I
thought that only 64 bit systems could actually be taken over and that 32 bit
systems would fail ... but not yield an exploitable advantage except that
Apache was knocked down. Something about the address space length or
whatever. The original report said one thing and then there was an addendum
that said "Oh wait ... this is worse than we thought."
I am running Mandrake 8.0 with kernel 2.4.17 and all current patches
available through MandrakeUpdate applied. According to phpinfo.php, my
current Apache level is Apache-AdvancedExtranetServer/1.3.22.
If not this worm, what DID cause tripwire to stop running? It says its
database is missing. When I follow instructions to reconstruct it, it seems
to do so and exit politely. But the next email notification is just a
two-liner telling me that the database can not be found and to rebuild it.
-- 12:07am up 4 days, 6:05, 2 users, load average: 0.00, 0.00, 0.00"I'm thinking of going back to Windows; in Linux, none of the viruses seem to work."
http://organic-earth.com Organic urban gardening. With photos.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 13:09:05 EDT