Incidents
ALEVRIUS! Feb 06 2003 06:39PM
Geert Kiers (kweb kweb on ca) (3 replies)
Greetings:

I'd rather just read the mail and not be a regular. Too many auto
responders coming back at me saying "I'm not in until such and such a time.
In case of emergency contact ....", each time I post but... I have a
problem, I think.

Who or what is ALEVRIUS!

Is it related to ALEVIR or the Opaserv/Opasoft worm?

The reason I ask, we had a number of weird things happening on our little
network this morning so I decided to run MS Netmon and capture a while.
When I finished capturing I did a Find All Names, and it discovered a new
one:

ALEVRIUS! [no transposition (sp?) error. It is ALEVRIUS! with the
exclamation mark] associated with a specific ip address with a valid
appearing dynamic DNS name.

Now we run mainly NT servers and I get the sense that if it is ALEVIR that
our hosts may not get infected. Still I am scanning our drives for
occurrences of alevir, scrsvr, brasil, marco!, instit, mqbkup and mmstask.
In all cases hoping (or not) to find the .exe file which is supposed to be
the driver. As a last thought, I also searched for alevrius. All searches
were negative.

I did a search of online.securityfocus.com/archives for both alevir and
alevrius! but found no match. I assume, then, that this is either a new
topic or one of little importance. Can anyone enlighten me?

Regards,

Geert

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

RE: ALEVRIUS! Feb 07 2003 11:36PM
NetSec Analyst (infosec digital-extreme net)
RE: ALEVRIUS! Feb 06 2003 11:43PM
James C Slora Jr (Jim Slora phra com)
RE: ALEVRIUS! Feb 06 2003 11:31PM
Rob Shein (shoten starpower net)


 

Copyright 2010, SecurityFocus