This is an emergency warning. As such it has been sent to several important lists; please excuse the multiple cross-posting. A dangerous REXX exec named DIR EXEC has been detected on our node, thanks to a watchful recipient. This exec purports to be able produce a directory listing of the user's disks in a MS/DOS (PC) format. However, when the exec is run, it will produce the promised listing BUT it will also send a copy of itself to all net addresses found in the user's NAMES and NETLOG files. This will, of course, swamp the BITNET network in a very short time if it is allowed to run unchecked. Its behavior is, damagewise, identical to the CHRISTMA EXEC which attacked both BITNET and VNET (IBM's corporate net) approximately three years ago. All system operators, postmasters and people in charge: if you find the DIR EXEC in your system's RDR queue, flush immediately. The copy we detected has the following characteristics: FILENAME FILETYPE FM FORMAT LRECL RECS BLOCKS DIR EXEC B1 V 116 167 1 The datestamp is not a reliable indicator; in two different copies found in our RDR queue, the date was different. Also, please post warnings on your systems, alerting your users about this problem. Thanks for your immediate attention to this urgent problem. Juan /-----------------------------------------------------------------------\ Juan M. Courcoul | Phone: (835) 820-0000 Ext. 4151 Postmaster / Listserv Coordinator | Dept. of Academic Services | Net: [log in to unmask] Monterrey Campus | [log in to unmask] Monterrey Institute of Technology | [log in to unmask] Monterrey, N. L., Mexico 64849 | [log in to unmask] \-----------------------------------------------------------------------/