Welcome to WebmasterWorld Guest from 50.16.78.128

Forum Moderators: bakedjake

Message Too Old, No Replies

Slapper Worm Exploits Apache SSL Flaw

   
2:57 pm on Oct 2, 2002 (gmt 0)

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I didn't see discussion of the Slapper Worm here, although the biggest surge in this Linux-based virus was apparently a couple of weeks ago. The interesting thing is that some theorize that it is a sort of cyberweapon prototype.
[news.com.com ]

Also worrisome is that new authors seem to be releasing variants of Slapper:
[vnunet.com ]

5:32 pm on Oct 2, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I mentioned it tangentially as an example of why installing services the user doesn't know about could be a bad thing, but that's it as far as I recall. I really didn't see it as a big deal, since (1) I never saw any evidence of it in my logs (2) OpenSSL updates were available right away, and mentioned on the scurity mailing lists and (3) Even if you didn't patch, if you are running a packet-filtering firewall (a la iptables) and have all the ports you don't use closed, the worm wouldn't be able to join the p2p network anyway.

Not that (3) is something you should count on. Always patch a known vulnerability.