LinuxSecurity.com: Security is an Interactive Sport - Lessons learned from RamenJan 29, 2001, 21:52 (1 Talkback[s])
(Other stories by Benjamin D. Thomas)
[ Thanks to Benjamin D. Thomas for this link. ]
"This article outlines the importance of monitoring vendor advisories and applying appropriate software patches when necessary. It uses the Ramen epidemic as an example showing the possible effects of poor system administration."
"Whether you're a security professional, system administrator, or average Linux user you've probably already heard many of the stories surrounding the recent outbreak of the Ramen worm. If you haven't heard the details, or would like an overview of the specifics, you may want to skip down to the middle of this paper. I have answered some of the most common questions and provided specific information on how to prevent and disable the worm as well as how it works. Ramen does not only exploit vulnerabilities in wu-ftpd, nfs, and LRPng, it takes advantage of lazy/inattentive/irresponsible/naive system administrators."
"In this paper I answer many questions. What actually enabled the Ramen worm to be so successful? Who's responsible? What knowledge can we take from this situation?"