Slapper Teaches Users Value of Safe Hex, Says Sophos Anti-Virus

Sophos, a world leader in corporate anti-virus protection, is urging Unix users to tighten up their safe computing procedures in order to curb the spread of the new Slapper worm (Linux/Slapper-A). This worm is currently spreading across the internet via unpatched vulnerablilities in Apache web servers.

Sophos produced specific protection against the Slapper worm at 09:17 GMT on Saturday, but is reminding Apache web server users that a patch for the vulnerability has been available since July 2002 from http://www.openssl.org/news/secadv_20020730.txt

“Unix is becoming more and more popular, with Apache beating Microsoft IIS as the web server of choice for many companies,” said Graham Cluley, senior technology consultant at Sophos. “However, this popularity attracts attention from the cybercrime community, so fans of Unix need to remember to take security seriously. Instead of waiting for the next threat to emerge, they should get into the habit of patching susceptible systems as soon as a fix becomes available. Pre-emptive safe computing measures like this would have stopped Slapper in its tracks.”

Sophos’s safe computing guidelines are available free of charge from: http://www.sophos.com/virusinfo/articles/safehex.html

Further details regarding the Slapper worm can be found at http://www.sophos.com/virusinfo/analyses/linuxslappera.html

Graham Cluley is available to comment on + 44 (0)7990 552181 or + 44 (0)1235 544114