08-19-2008
Problem with worm ctfmon.exe
I have this worm in my network.
It works only on Windows OS. My data server is on Linux with samba server and all the time somebody is copping this worm from windows client to my data server, because the data server is mapped as a network drive.
My question is:
Is there any way to find which machine copy this virus to my server?
I changed my samba log level to 10 (which means debug level) but it doesn't help much.
I can't see the exact IP or NIC hardware address.
Thanks in advanced.
4 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am running Unix SCO and have discovered the worm virus. It is enabled through a BIOS connections, I am able to get around it using telnet, believe it or not.
- Can anyone recommend a virus scan software?
- Has anyone successfully used a virus scan software on unix without a problem?
... (2 Replies)
Discussion started by: ana_cr32
2 Replies
2. Programming
At time of installation I have to open the resource. and i have to insert a string serial number in the exe.
please provide me code to edit the exe (in solaris) to insert a serial number which can be used by exe at run time. (6 Replies)
Discussion started by: ssahu
6 Replies
3. UNIX for Dummies Questions & Answers
Hello all,
I just got asked if virus and worms are a big thing in unix/linux OS. My response was no, but after looking I found that there can be issues but very few. I would justy like to know from the working community what is the truth on virus and worms on unix/linux OS? Thanks. (1 Reply)
Discussion started by: larryase
1 Replies
4. What is on Your Mind?
Did your shop have any problems with it? Reports indicate it will able to control several million Windows PC's. (2 Replies)
Discussion started by: jim mcnamara
2 Replies
YPSET(8) BSD System Manager's Manual YPSET(8)
NAME
ypset -- tell ypbind(8) which NIS server process to use
SYNOPSIS
ypset [-h host] [-d domain] server
DESCRIPTION
ypset tells the ypbind(8) process on the current machine which NIS server process to communicate with. If server is down or is not running a
NIS server process, it is not discovered until a NIS client process attempts to access a NIS map, at which time ypbind(8) tests the binding
and takes appropriate action.
ypset is most useful for binding a NIS client that is not on the same broadcast network as the closest NIS server, but can also be used for
debugging a local network's NIS configuration, testing specific NIS client programs, or binding to a specific server when there are many
servers on the local network supplying NIS maps.
The options are as follows:
-h host
Set the NIS binding on host instead of the local machine.
-d domain
Use the NIS domain domain instead of the default domain as returned by domainname(1).
SEE ALSO
domainname(1), ypcat(1), ypmatch(1), ypwhich(1), nis(8), ypbind(8), yppoll(8)
AUTHORS
Theo de Raadt
BSD
February 26, 2005 BSD