----- Original Message -----
From: "Amer Karim" <amerk (at) telus (dot) net [email concealed]>
To: "Focus on Microsoft Mailing List" <FOCUS-MS (at) securityfocus (dot) com [email concealed]>
Sent: Tuesday, August 12, 2003 4:44 PM
Subject: FW: Blaster vs. Kaht2
> Sorry - sent that to Marc off-list by mistake. Meant to post it to the
> list.
>
> Regards,
> Amer Karim
> Nautilis Information Systems
> e-mail: amerk (at) telus (dot) net [email concealed], mamerk (at) hotmail (dot) com [email concealed]
>
>
> -----Original Message-----
> From: Amer Karim [mailto:amerk (at) telus (dot) net [email concealed]]
> Sent: 12 August 2003 14:39
> To: 'Marc Fossi'
> Subject: RE: Blaster vs. Kaht2
>
> Out of curiosity, are there any symptomatic clues as to determining if the
> system has been compromised by Kaht2? I can't seem to find any info on
the
> Symantec site.
>
> Regards,
> Amer Karim
> Nautilis Information Systems
> e-mail: amerk (at) telus (dot) net [email concealed], mamerk (at) hotmail (dot) com [email concealed]
I'm trying to get information as well on the symptoms of the kaht2. I have
systems that were at current patch level, scanned clean with current norton
av, the DCOM patches were manually applied as opposed to windows update,
system reboots clean. Scans clean, shows no signs of infection. Reboot
again, and the control panel applet shows all icons in a left hand frame and
the fonts are mangled in add-remove programs. I've got 8 systems that have
these sysmptoms.
------------------------------------------------------------------------
---
Your network firewall and IDS products do not prevent Web application
attacks - the most common form of online exploitation- resulting in Web
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":http://www.securityfocus.com/Kavado-focus-ms
------------------------------------------------------------------------
---
----- Original Message -----
From: "Amer Karim" <amerk (at) telus (dot) net [email concealed]>
To: "Focus on Microsoft Mailing List" <FOCUS-MS (at) securityfocus (dot) com [email concealed]>
Sent: Tuesday, August 12, 2003 4:44 PM
Subject: FW: Blaster vs. Kaht2
> Sorry - sent that to Marc off-list by mistake. Meant to post it to the
> list.
>
> Regards,
> Amer Karim
> Nautilis Information Systems
> e-mail: amerk (at) telus (dot) net [email concealed], mamerk (at) hotmail (dot) com [email concealed]
>
>
> -----Original Message-----
> From: Amer Karim [mailto:amerk (at) telus (dot) net [email concealed]]
> Sent: 12 August 2003 14:39
> To: 'Marc Fossi'
> Subject: RE: Blaster vs. Kaht2
>
> Out of curiosity, are there any symptomatic clues as to determining if the
> system has been compromised by Kaht2? I can't seem to find any info on
the
> Symantec site.
>
> Regards,
> Amer Karim
> Nautilis Information Systems
> e-mail: amerk (at) telus (dot) net [email concealed], mamerk (at) hotmail (dot) com [email concealed]
I'm trying to get information as well on the symptoms of the kaht2. I have
systems that were at current patch level, scanned clean with current norton
av, the DCOM patches were manually applied as opposed to windows update,
system reboots clean. Scans clean, shows no signs of infection. Reboot
again, and the control panel applet shows all icons in a left hand frame and
the fonts are mangled in add-remove programs. I've got 8 systems that have
these sysmptoms.
Thanks.
--
Micheal Patterson
TSG Network Administration
405-917-0600
------------------------------------------------------------------------
---
Your network firewall and IDS products do not prevent Web application
attacks - the most common form of online exploitation- resulting in Web
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":http://www.securityfocus.com/Kavado-focus-ms
------------------------------------------------------------------------
---
[ reply ]