 |
| |
 W32.Beagle.E@mm
Posted on Sunday, February 29 @ 21:59:51 PST by Fido
Symantec has upgraded W32.Beagle.E@mm to a Catagory 3 virus based upon the high level of infections being reported. W32.Beagle.E@mm is a mass-mailing worm that opens a backdoor on TCP port 2745. The worm uses its own SMTP engine for email propagation. It can also send to the attacker the port on which the backdoor listens, as well as a randomized ID number. W32.Beagle.E@mm is also known as Bagle.E [F-Secure], I-Worm.Bagle.e [Kaspersky], WORM_BAGLE.E [Trend], Win32.Bagle.E [Computer Associates]. The removal tool for W32.Beagle@m has been updated by Symantec, and is available for download here for free.
| |
|
Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.
|
|
Average Score: 4
Votes: 3
|
|
|
Re: W32.Beagle.E@mm (Score: 1)
by Webster on Monday, March 01 @ 06:12:32 PST
(User Info | Send a Message | Journal) | | I haven't seen this one on my network yet, thankfully. |
|
|
Re: W32.Beagle.E@mm (Score: 1)
by soup4you2 on Wednesday, March 03 @ 12:40:24 PST
(User Info | Send a Message) | running postfix? block this puppie...
In /etc/postfix/header_checks add these lines:
#
# w32.Beagle.j worm
#
/^Subject:.*E-mail account disabling warning/ REJECT Suspected W32.Beagle change subject
/^Subject:.*E-mail account security warning/ REJECT Suspected W32.Beagle change subject
/^Subject:.*Email account utilization warning/ REJECT Suspected W32.Beagle change subject
/^Subject:.*Important notify about your e-mail account/ REJECT Suspected W32.Beagle change subject
/^Subject:.*Notify about using the e-mail account/ REJECT Suspected W32.Beagle change subject
/^Subject:.*Notify about your e-mail account utilization/ REJECT Suspected W32.Beagle change subject
/^Subject:.*Warning about your e-mail account/ REJECT Suspected W32.Beagle change subject
|
|
|
|
|
