From: Discussion Lists (discussionslagraphico.com)
Date: Thu Dec 29 2005 - 10:50:10 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sorry if this was asked before, but how do I know if my machine has been compromised? I am working on a way to contain any damage caused by this exploit, and it would be helpful to know for sure that what I am doing is working or not working.
 
Thanks!

        -----Original Message-----
        From: full-disclosure-bounceslists.grok.org.uk [mailto:full-disclosure-bounceslists.grok.org.uk] On Behalf Of Todd Towles
        Sent: Thursday, December 29, 2005 7:16 AM
        To: full-disclosurelists.grok.org.uk
        Subject: [Full-disclosure] Static Blocking for the WMF Exploit - over 50known variants
        
        
        Sunbelt has released several sites that are being used to spread bad WMF files
         
        http://sunbeltblog.blogspot.com/2005/12/more-than-50-wmf-variants-in-wild.html <http://sunbeltblog.blogspot.com/2005/12/more-than-50-wmf-variants-in-wild.html >
         
        I have added this sites into my static blocking, but this isn't a great method..but it can only help at this point. Wanted to share this information.
         
         -Todd
        
        
         

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]