Sean Frye wrote:
> Does this mean that there are machines on campus that have been
> compromised specifically by this new attack vector? If so, how is that
> detected, and can other admins on campus use that detection mechanism on
> the networks they oversee? Thanks in advance.
The compromised hosts were detected by our IDS systems, the same systems
we use to detect other compromised hosts, email viruses, spyware, etc
(http://security.berkeley.edu/ids.html). If you are interested in the
signatures used you can contact security@@berkeley.edu for more information.
-- Allison Henry System and Network Security University of California, Berkeley http://security.berkeley.edu ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>.Received on Thu Mar 30 09:06:57 2006
This archive was generated by hypermail 2.1.8 : Thu Mar 30 2006 - 09:06:58 PST