W32.Codbot is a worm that has been popping up throughout the net. It exploits the SQL Sever LSASS and RPC-DCOM process.
W32.Codbot.AL masquerades as a system process which allows it to be run
when the system boots up. Once running it connects to Internet Relay
Chat (IRC) where it can take command to control you sytem.
Instructions to remove W32.Codbot.htm:
http://elamb.blogharbor.com/hacked/codbot.htm
Ready to actually get the RMF/ISSO job?
Go from reading about the Risk Management Framework to doing it — with the full video course, the books, and a community of GRC professionals taught by Bruce Brown (CISSP, CGRC).
Get the RMF ISSO Foundations course → Browse the RMF & GRC books Join the free GRC community
Leave a Reply