Interversity Quotes"I think it's time to ask the Standardistos: Where's the test for compassion? For honesty? For curiosity? For moral commitment? Until they can answer, let's tell them to shut up." —Susan Ohanian (One Size Fits Few: The Folly of Educational Standards) Interversity ProjectsEchoes of Orwell:The purpose of this webforum is to promote a lively discussion among students and faculty alike about George Orwell's 1984 and the parallels or echoes found in today's society. |
[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index] 'nother warning
Have no idea if it's another hoax...but heads up anyway -------------------------------------------------------------------------------- FYI: PLEASE READ!!! I just got this from Ira. Hillary "Goldstein, Ira" wrote: > -----Original Message----- > From: Jones, Richard P. > Sent: Monday, January 28, 2002 1:23 PM > To: NTRC Alarm Supervisors; NTRC ALARMS; NTRC Modem Test; NTRC WAN > Implementation; NTRC-BUS OPS; NTRC-SNMP; NTRC-SS; NTRC-TAC; NTRC-TRAFFIC; > NTRC-WAN; NTRC-WAN > Subject: W32/Myparty@MM virus -- !! BECAREFUL !! > > Please be careful a new virus is currently being circulated on the > Internet and there is no defense as of this writing > The bogus e-mail features the following message: > > " Hello! > > My party...It was absolutely amazing! > > I have attached my web page with new photos! > > If you can please make color prints of my photos. Thanks!" > Here's MaAfee's explanation of the virus and its effects: > When the W32/Myparty@MM virus <http://vil.nai.com/vil/content/v_99332.htm> > executable is executed on Windows NT machines, (Windows NT, 2000 or XP) > this backdoor is dropped to the startup folder within the profile of the > current user, MSSTASK.EXE: > %userprofile%\Start Menu\Programs\Startup\msstask.exe > This ensures the backdoor is executed upon system startup, at which point > it goes memory resident, and the machine is rendered vulnerable. > NB: W32/Myparty@MM only massmails itself and drops the backdoor component > if the system date is within the following range: > 25th - 29th January 2002 inclusive > Outside of this date range, no backdoor component is dropped. > MSSTASK.EXE is compressed with UPX, and is 6,144 bytes in length (unpacked > the file is 152,064 bytes). > Once running, the backdoor tries to connect to the following IP address: > <http://209.151.250.170/> in order to download the command file that > operates the backdoor. > A second W32/Myparty@MM variant which only operates between 20th-24th > January 2002 (hence will not replicate on machines with correctly set date > now) drops an identical backdoor component to that described above. The > only difference is the date range in which the backdoor is dropped. > With Regards > Richard > Nextiraone Email Group > 713.307.6864 > richard.jones@nextiraone.com > -- If you're in control - you're going too slow
Post a Message to arn-l: |
eric |