From owner-freebsd-questions  Tue Nov  6 19:15:58 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from sunny.pacific.net.sg (sunny.pacific.net.sg [203.120.90.127])
	by hub.freebsd.org (Postfix) with ESMTP id 220F837B419
	for <freebsd-questions@FreeBSD.ORG>; Tue,  6 Nov 2001 19:15:54 -0800 (PST)
Received: from smtp1.pacific.net.sg (smtp1.pacific.net.sg [203.120.90.70])
          by sunny.pacific.net.sg with ESMTP
          id fA73Fqi19967; Wed, 7 Nov 2001 11:15:52 +0800 (SGT)
Received: from ap_280868.pacific.net.sg ([203.208.143.98])
          by smtp1.pacific.net.sg with ESMTP
          id fA73Fql08724; Wed, 7 Nov 2001 11:15:52 +0800
Message-Id: <5.1.0.14.0.20011107111835.00a4a6e0@po.pacific.net.sg>
X-Sender: nchee_hoong@po.pacific.net.sg
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Wed, 07 Nov 2001 11:22:09 +0800
To: Kris Kennaway <kris@obsecurity.org>
From: Kelvin Ng Chee Hoong <nchee_hoong@pacific.net.sg>
Subject: Re: Infected by virus
Cc: freebsd-questions@FreeBSD.ORG
In-Reply-To: <20011106190912.A35365@xor.obsecurity.org>
References: <5.1.0.14.0.20011107092016.00a46320@po.pacific.net.sg>
 <5.1.0.14.0.20011107092016.00a46320@po.pacific.net.sg>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Well ;
     This sound bad news to me . :-(
I have installed a lot of application software the system . It consumed me 
a lot of time to get these services up.
I am going to cry if you ask me to wipe the disk and re-install .

:-(






At 07:09 PM 11/6/01 -0800, Kris Kennaway wrote:
>On Wed, Nov 07, 2001 at 09:21:15AM +0800, Kelvin Ng Chee Hoong wrote:
> > Hi ;
> > My FreeBSD seems infected by worm virus . could somebody tell how to
> > clean such virus . Where can I get anti-virus software for FreeBSD ? Please
> > advise .....
>
>The only likely way your system might have been infected with a worm
>is if you have security vulnerabilities which you have failed to
>patch.  Once you're infected the only safe way to recover is to wipe
>the disk and reinstall; it's too easy for attackers to hide backdoors
>in the system which will let them get back in even after you repair
>the initial security vulnerability.
>
>Kris


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message