[LON-CAPA-dev] detecting and removing slapper....

Scott Harrison lon-capa-dev@mail.lon-capa.org
Tue, 17 Sep 2002 13:29:02 -0400

Dear All:

More information from 


  The worm is visible in the infected system as a process ".bugtraq". An
  infected system can be disinfected by
  terminating the worm's process, and by removing the files created into
  temporary directory: 


  The Apache web server must be shut down as well and the OpenSSL libary
  must be upgraded to a fixed
  version (0.9.6e or above) in order to avoid reinfection. 


Scott Harrison, sharrison@users.sourceforge.net