 |
 |
OS X is vulnerable to the Nachi (Welchia) worm?
|
|
|
|
|
Junior Member
Join Date: Aug 2002
Status:
Offline
|
|
Today I received an e-mail from our computer lab:
Dear XXX,
Our database shows that your computer is or was recently vulnerable to the Nachi (Welchia). We need to be sure your computer has been patched and our records updated.
FAILURE TO TAKE THE NEEDED STEPS TO RESOLVE THIS PROBLEM AND CONTACT US MAY CAUSE YOUR ACCOUNT TO BE TEMPORARILY DISABLED ON SEPTEMBER 1ST AFTER 8AM.
..........
I can not believe this!!!  From Symantec, this worm only affects Windows
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Dec 1999
Location: NYC
Status:
Offline
|
|
Reply and tell them you have a Mac. If OSX were vulnerable, it would have been a big deal in the (mac) news. You know, being the first virus/worm for OSX and all.
|
|
|
| |
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Apr 2001
Location: europe
Status:
Offline
|
|
|
|
|
Nasrudin sat on a river bank when someone shouted to him from the opposite side: "Hey! how do I get across?" "You are across!" Nasrudin shouted back.
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Nov 2000
Location: Tasmania, Australia
Status:
Offline
|
|
They probably are using an "affected systems" detection tool that tests for open ports that the virus uses, but then doesn't go the rest of the way and test for what OS has that port open.
Tell them to fix their detection tool!
|
|
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Jul 2002
Location: Arizona Wasteland
Status:
Offline
|
|
Also report them to their supervisor. System administrators like this shouldn't be working.
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Apr 2002
Location: Illinois
Status:
Offline
|
|
This worm like many of the others lately, it pretends it's sending from your computer. It's not actually you sending it but the scripts that check for worms don't know any better.
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Feb 2001
Location: Washington, DC
Status:
Offline
|
|
Originally posted by King Bob On The Cob:
This worm like many of the others lately, it pretends it's sending from your computer. It's not actually you sending it but the scripts that check for worms don't know any better.
Wrong worm. You're thinking of mass mailers. This worm is different, it self-propagates over a LAN using a buffer overrun vulnerability in Windows 2K and XP and, optionally, IIS 5.0.
They probably just scanned the network to see who had port 135 and/or 80 open.
Would you, by chance, have web sharing or windows file sharing turned on (and if web sharing is turned on is mod_webdav enabled)?
|
|
/Earth\ Mk\.\ I{2}/
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
