[Esd-l] Bugbear pattern

John D. Hardin jhardin at impsec.org
Sun Oct 6 12:19:01 PDT 2002


On Wed, 2 Oct 2002, Brett Glass wrote:

> Anyone have a Procmail pattern for Bugbear? All of our detectors
> are catching it, but so far they're just identifying it as Generic
> Bad Stuff (tm).

Okay, a couple of BugBears finally made it into my quarantine, so I
have samples.

It looks exactly the same as Klez apart from being smaller.

I have modified the local-rules list on the website to distinguish
between them (as far as is possible) and provide appropriate links.

You all may want to grab and install the current recommended
local-rules file.

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org                        pgpk -a jhardin at impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  ...the Fates notice those who buy chainsaws...
                                              -- www.darwinawards.com
-----------------------------------------------------------------------
   73 days until The Two Towers


