Dave Sherman <dsherman at real-time.com> wrote: > > Anybody hear of a new worm based on Code Red? This guy that I am talking > to seems to think so. Yes, I just got two copies this morning. It appears to be pretty insidious, spreading like Code Red, but also over e-mail. It may spread over SMB shares as well. Looks like it also wreaks hell on the registry This is just a quick analysis using `strings'. It's entirely possible that portions of it don't work. -- _ _ _ _ _ ___ _ _ _ ___ _ _ __ "Every time I've built / \/ \(_)| ' // ._\ / - \(_)/ ./| ' /(__ character, I've \_||_/|_||_|_\\___/ \_-_/|_|\__\|_|_\ __) regretted it." [ Mike Hicks | http://umn.edu/~hick0088/ | mailto:hick0088 at tc.umn.edu ] -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010918/3dbd4e72/attachment.pgp