bagle-i worm
Hong Zhu
hzhu at wesleyan.edu
Tue Mar 2 16:43:17 GMT 2004
yes, "netsky-d" was downloaded later than "bagle-i"
and I can see mailscanner has been catching "netsky-d"
however not "bagle-i"...
Data file name : /usr/local/Sophos/ide/netsky-d.ide
Data file type : IDE
Data file date : 02 March 2004, 07:57:01
Data file status : Loaded
Data file name : /usr/local/Sophos/ide/bagle-i.ide
Data file type : IDE
Data file date : 02 March 2004, 06:32:18
Data file status : Loaded
thanks,
Hong
> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at jiscmail.ac.uk]On
> Behalf Of Raymond Dijkxhoorn
> Sent: Tuesday, March 02, 2004 11:40 AM
> To: MAILSCANNER at jiscmail.ac.uk
> Subject: Re: bagle-i worm
>
>
> Hi!
>
> > we use sophos and latest bagle-i IDE was downloaded
> > onto our mail server this morning, however we don't
> > think mailscanner catch them as many have passed through...
>
> Can you verifu locally on the box that Sophos _IS_ detecting there? Also,
> be sure you are running the latest version, the changes on the MIME parts
> can help...
>
> Bye,
> Raymond.
>
More information about the MailScanner
mailing list