Sophos produced specific protection against the Slapper worm at 09:17 GMT on Saturday, but is reminding Apache web server users that a patch for the vulnerability has been available since July 2002 from http://www.openssl.org/news/secadv_20020730.txt
"Unix is becoming more and more popular, with Apache beating Microsoft IIS as the web server of choice for many companies," said Graham Cluley, senior technology consultant at Sophos. "However, this popularity attracts attention from the cybercrime community, so fans of Unix need to remember to take security seriously. Instead of waiting for the next threat to emerge, they should get into the habit of patching susceptible systems as soon as a fix becomes available. Pre-emptive safe computing measures like this would have stopped Slapper in its tracks."
Sophos's safe computing guidelines are available free of charge from: http://www.sophos.com/virusinfo/articles/safehex.html
Further details regarding the Slapper worm can be found at http://www.sophos.com/virusinfo/analyses/linuxslappera.html
Graham Cluley is available to comment on + 44 (0)7990 552181 or + 44 (0)1235 544114
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.