P2P-Zone - View Single Post

pod · 17-09-02, 12:27 PM

A patch for this exploit has been out for over a month, and as usual, the only people affected will be those with unpatched machines. It's a little scary that the removal instructions are so hard to come by, but I've never had any interest (or need) to remove a virus before, so maybe that's par for the course. Basically, just remove the .bugtraq files in /tmp (NOT /temp as some advisories say) and kill the bugtraq process. A little strange that the worm would use port 80 to communicate (in addition to 2002), seeing as it came in via a web server, which runs port 80...

17-09-02, 12:27 PM	#4
pod Bumbling idiot Join Date: Feb 2002 Location: Vancouver, CA Posts: 787	A patch for this exploit has been out for over a month, and as usual, the only people affected will be those with unpatched machines. It's a little scary that the removal instructions are so hard to come by, but I've never had any interest (or need) to remove a virus before, so maybe that's par for the course. Basically, just remove the .bugtraq files in /tmp (NOT /temp as some advisories say) and kill the bugtraq process. A little strange that the worm would use port 80 to communicate (in addition to 2002), seeing as it came in via a web server, which runs port 80...