homepage Welcome to WebmasterWorld Guest from 54.204.249.184
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
Slapper Worm Exploits Apache SSL Flaw
rogerd




msg:913277
 2:57 pm on Oct 2, 2002 (gmt 0)

I didn't see discussion of the Slapper Worm here, although the biggest surge in this Linux-based virus was apparently a couple of weeks ago. The interesting thing is that some theorize that it is a sort of cyberweapon prototype.
[news.com.com ]

Also worrisome is that new authors seem to be releasing variants of Slapper:
[vnunet.com ]

 

dingman




msg:913278
 5:32 pm on Oct 2, 2002 (gmt 0)

I mentioned it tangentially as an example of why installing services the user doesn't know about could be a bad thing, but that's it as far as I recall. I really didn't see it as a big deal, since (1) I never saw any evidence of it in my logs (2) OpenSSL updates were available right away, and mentioned on the scurity mailing lists and (3) Even if you didn't patch, if you are running a packet-filtering firewall (a la iptables) and have all the ports you don't use closed, the worm wouldn't be able to join the p2p network anyway.

Not that (3) is something you should count on. Always patch a known vulnerability.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved