i was hoping to collect a sample of this for my collection, but it seems that konqueror either doesn't get offered the download or at least it won't tell me about it. either way, no nimda for me.... ;-)

it is nice to not have to worry about what VirusMagnet err, i mean LookOut.... err, Outlook is going to do every time i connect to the internet.

moose

On April 24, 2002 06:26 am, you wrote:
> On Wed, 24 Apr 2002, Micro Eng wrote:
> > Maybe someone is mad at them for selling out to Micron...?
> >
> > Still I find it interesting that a website can have a virus just sitting
> > on top of it. How does that work? I mean...don't you usually have to run
> > a file..execute, etc in order to be hit? The stuff is all html,xml or
> > java right? Just wondering about this now...
>
> As I recall, the virus attempts to automatically download a .EMU file,
> which is an Outlook Email Message. If you accept the download, the email
> message will be opened by Outlook, which contains an attachment. If you
> execute the attachment, pop, you're infected.
>
> In addition, the virus causes your IIS based server to randomly connect to
> other IP address's port 80, looking for other IIS servers which it can
> infect because of a buffer check / overrun bug. Once that server gets
> infected, it begins attempting to infect other servers the same way ...
> now you have two servers trying to infect the entire Internet, and two
> servers whose web pages are infected with this automatic download of a
> .EMU mail message.
>
> -- Mitch
>
> --
> http://www.piclist.com hint: The PICList is archived three different
> ways. See http://www.piclist.com/#archives for details.