On Fri, Jan 19, 2001 at 09:16:24AM -0500, Noah L. Meyerhans wrote: : :From what I gather you don't even need to do that. The worm seems to :have hardcoded offsets to specifically take advantage of the Redhat :builds. So even if you're running a vulnerable version of the software :you're not likely to be bitten with this.
I suspected this, but caution is the better part of valor or something like that... :be hard to reconfigure the worm to be effective against Debian, but it :probably wouldn't be worth it. There are a lot more clueless Redhat :admins out there than clueless Debian admins. :Plus, as you point out, we've got apt-get and security.debian.org. True, should we have "Debian Certified GNU/Linux Admin" certificates :) :Incedentally, machines under my control have been probed several times :over the past few days. The worm does appear pretty wide spread. Perhaps it's because I'm such a high profile target anyway, but I can't see the difference, though maybe I'm getting a statd attack every 2 days rather than 3... -Jon
