Results 1 to 3 of 3
  1. #1
    ABW Founder Haiko de Poel, Jr.'s Avatar
    Join Date
    January 18th, 2005
    New York
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Slapper worm spreads its disease
    By James Middleton [18-09-2002]

    Internet on yellow alert

    The Internet Storm Centre (ISC), the early warning system from the Sans Institute, is on yellow alert for the first time in months as the Slapper worm continues its infection of Apache web servers.

    The worm was first spotted in the wild at the end of last week, entering systems by exploiting a vulnerability in the open Secure Socket Layer (SSL) library used in SSL-capable programs.

    Any systems running Apache and its associated SSL module are likely to be affected on both Intel and Sparc platforms.

    The Slapper worm already features in the top five most prevalent attacks around the world, notching up almost as much activity as the most common attacks - those on port 80 - in almost every continent. The worm attacks on port 2002 and connects the target machine to the rest of the infected network by the User Datagram Protocol (UDP). This army of 'zombie' machines can then be used by the hackers as a tool to attack other servers.

    Slapper-infected servers have already been linked to denial of service (DoS) attacks against other machines.

    It is thought that some script kiddies found the source code for a concept attack known as peer-to-peer UDP Distributed DoS (PUD) on a security site and turned it into a working worm.

    The ISC has confirmed that around 6,000 servers are currently infected. But speculation on the BugTraq security mailing list suggests that numbers may be as high as 30,000.

    A patch has already been released by the OpenSSL crew, with details available here.

    <font size="2" face="Verdana">Haiko

    The secret of success is constancy of purpose. ~ Disraeli

  2. #2
    ABW Ambassador
    Join Date
    January 18th, 2005
    Update that openssl! [img]/infopop/emoticons/icon_smile.gif[/img] if not already

  3. #3
    Join Date
    January 18th, 2005
    Those who have servers running RedHat Linux, here's the shortcut to RedHat security page with links to download the updated openssl package:

  4. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Living with Crohn's Disease
    By $Cleopatra$ in forum Virtual Family and Off-Topic
    Replies: 8
    Last Post: October 28th, 2007, 02:59 PM
  2. spreads viruses through banners
    By G_R in forum Suspicious Activity!
    Replies: 7
    Last Post: January 18th, 2006, 11:02 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts