Re: Possible virus from Rome labs

Gene Spafford (spaf@cs.purdue.edu)
Wed, 30 Mar 94 22:56:30 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Evil Pete: "Re: Possible virus from Rome labs"
Previous message: Steve Simmons: "Re: Possible virus from Rome labs"
In reply to: Ron Gilmer: "Possible virus from Rome labs"

I don't suppose any of the effected systems was covered by Tripwire?
If there was a real virus (or other trojan type activity), Tripwire
would expose what files were altered....

If any of the systems are Suns, it would help to run the md5check
software from the CIAC & CERT, assuming the systems weren't running
Tripwire (or ATP or Fortress etc.).

--spaf

Next message: Evil Pete: "Re: Possible virus from Rome labs"
Previous message: Steve Simmons: "Re: Possible virus from Rome labs"
In reply to: Ron Gilmer: "Possible virus from Rome labs"