Saturday, September 13, 2003

Just a couple worm-related things

I like bits like this (thanks blupwa!) and have noticed the following...

In the ongoing battle to detect customers' infected machines, I've come across an interesting bit: any machine infected with the Welchia/Nachi worm is left running an open TFTP server. "Open" in that it will accept any file you hand it.

I still don't know if I'm limited to a folder or if I can put it anywhere I want or pull any file I want. I'm going to have to dig out the old VMWare and try it out, I guess.

No comments:

Post a Comment