bloodhound Posted December 22, 2004 Posted December 22, 2004 Source: http://news.zdnet.com/2100-1009_22-5499725.html?tag=nl.e589 This worm does not seem to effect the end user. "The Santy worm uses a flaw in the widely used community forum software known as the PHP Bulletin Board (phpBB) to spread." "The worm sends Google a specific search request, essentially asking for a list of vulnerable sites. Armed with the list, the worm then attempts to spread to those sites using a PHP request designed to exploit the phpBB bulletin board software." "After it has taken over a site, the worm deletes all HTML, PHP, active server pages (ASP), Java server pages (JSP), and secure HTML pages, and replaces them with the text, "This site is defaced!!! This site is defaced!!! NeverEverNoSanity WebWorm generation X," according to Kaspersky. For "X," the worm inserts a number representing how far the current instance of the program is descended from the original worm release. MSN searches have found 24th generations of the worm." More info at: http://news.bbc.co.uk/1/hi/technology/4117711.stm "A message sent to Finnish security firm F-Secure by Google's security team said: "While a seven hour response for something like this is not outrageous, we think we can and should do better." "We will be reviewing our procedures to improve our response time in the future to similar problems," the Google team said. " http://news.bbc.co.uk/1/hi/technology/3927963.stm http://www.viruslist.com/en/viruses/encyclopedia?virusid=68388 http://www.kaspersky.com/news?id=156681162 http://securityresponse.symantec.com/avcenter/venc/data/perl.santy.html http://www.viruslist.com/en/viruses/encyclopedia?virusid=68388 http://www.sophos.com/virusinfo/analyses/perlsantya.html
5614 Posted December 22, 2004 Posted December 22, 2004 blike and sayo.... we better be protected from this! the thing with 99.9% of viruses is that a few days after they come out there's already a protection from them so they hardly pose a threat for long... that is assuming that you have an up to date anti-virus.
bloodhound Posted December 22, 2004 Author Posted December 22, 2004 of course we are... we use vB and not phpBB also this virus doesnt effect the end user. no need for panic. the most it will do it just wipe out everything in ur server.... just hope u have a backup
5614 Posted December 22, 2004 Posted December 22, 2004 of course we are... we use vB and not phpBB oh yeah... sorry! i know it doesnt effect the end of user.. i did read the original post! still, it'd be a shame if this server was wiped - this is why back up methods are needed. [edit] especially in places like this where if data was lost it could never be replaced.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now