On Tue, 17 Sep 2002 00:21:06 -0500 (CDT) natecars at real-time.com wrote: > On Mon, 16 Sep 2002, Mark Browne wrote: > > Don't these people have anything better to do with their time? > > > > This one goes after SSL/apache on linux. > > > > See: > > http://www.upi.com/view.cfm?StoryID=20020916-030318-5932r > > We've had a few clients infected with it.. sucked up quite a fair > amount of bandwidth. I love worms. Really, I do.. er, wait, actually, > just kidding - I don't. > Out of curiosity, would simply removing the packages take care of the vulnerability as well as if one might be compromised? I've read part of the CERT documentation, but have run out of time for right now. I don't need to have SSL installed right now, but did in case I decided to utilize it. I removed it but am just curious. Thanks. shawn