Slashdot Mirror

← Back to Stories (view on slashdot.org)

Code Red Back For More

Posted by timothy on from the more-bells-more-whistles dept.

Brian Stretch writes: "The Code Red II worm was unleashed early this morning and appears to be very different than the original and far more dangerous. CR2 infected servers only attack servers within their Class A address block and their Class B address block in particular: since 9:11am EST I've logged 148 CR2 attack attempts, 89 of which are from within my Class B subnet, suggesting that only servers within Class A networks that were deliberately seeded are being attacked. The 24.x.x.x range is one of the hardest hit, and as before, it's folks with cable modems and DSL connections that are providing the most victims." Several @home customers have written about slowed service today, but they're definitely not alone.

8 of 866 comments (clear)

  1. In my honor too ... by CodeRed · · Score: 5, Funny

    Errrr.... More things named in my honor... This can't be good!

    If worms start popping up with Linux4Green (my ICQ nick) then I know I'm bad luck. :-P

    --

    --
    CodeRed, the lower user #. No relation to SirCam.
  2. Re:a quick fix by Saint+Aardvark · · Score: 5, Funny
    Fuck me...read a little farther down where it says that, based on random scans of the 359k IP addresses infected last time 'round, they estimate that thirty percent are still infected!

    What the fuck? What the fuck is going on? How the fuck is it that I can have old ladies calling me up at work (tech support for an ISP) and asking if the reason they can't pick up their email is because of the Code Red worm, 'cos they saw the press conference and, hey, they're wondering, and something like 105,000 separate IP addresses are still infected? Did the rapture happen when I wasn't looking, and God took the people responsible for these computers, those left behind couldn't find the passwords anywhere? How is this possible?

    (I know, I know; not everyone lives w/in viewing distance of CNN, default installations of MS whatever -- but still, this absolutely amazes me.)

    --
    Carousel is a lie!
  3. Re:Why don't they... by tswinzig · · Score: 5, Funny

    Modify the code red code to apply the security patch to the vulnerable IIS servers and reboot the system? While this is potentially destructive to your system (I'm told -- MS security patches and all that) it would pretty well take care of this problem...

    Nah, this will just make the sysadmins even lazier.

    SysAdmin #1: Dude, your NT machines are all infected with Code Red!

    SysAdmin #2: I know! I'm just waiting for for them to be infected with the fix... should be any day now...

    --

    "And like that ... he's gone."
  4. Re:what is code red. . by mpe · · Score: 4, Funny

    Someone should copyright the "code red algorithm".

    Or maybe patent it. Also how about sending the BSA after anyone running it without a licence.

  5. Now that is funny! by stuccoguy · · Score: 5, Funny

    This guy's computer is infected and attacking me every 10 minutes or so. I went to his web page and found this resume which indicates the guy is a Windows2000 expert and Network Technician!

  6. Top 8 things to do with Code Red by startled · · Score: 4, Funny

    Bah, what a waste. Screw that, here are some other things you should do along with your white hat program:

    1. Distribute Elcomsoft's e-book reader to all compromised boxes; search for any Adobe e-books and write out a plaintext copy.
    2. Append the code to DeCSS to all Word documents on the box.
    3. Modify the code to only patch the box when Dmitry is finally released from jail.
    4. Install Linux; reboot.
    5. Install BSD; reboot.
    6. Configure box to DoS MS's IIS patch servers; condemn MS for making patches inaccessible.
    7. Script all boxes to respond to /. stories with one of two comments: "dammit, this is a duplicate! Here is the original at goatse.cx", or "Katz iz 4 t00l!!!1@".
    8. Install SETI; add the box to your team; brag about your high score.

    Note: these are jokes. Please, please, do not do these things. Especially because if you do, the feds will come knocking on my door. :)

  7. Something that should happen more often. by RzUpAnmsCwrds · · Score: 5, Funny

    Man, I'm glad that I'm not using [Microsoft Product]. This new [virus/worm/trojan] exploits a [flaw/bug/backdoor] in [Microsoft Product], and it [does/doesn't] use Outlook and the stupidity of users. Luckily, I'm running [Free alternative to Microsoft product], so I'm not at risk. In fact, [Free alternative to Microsoft product] has protected me from [any integer over 200] [viruses/worms/trojans]. And just look at the [hundreds/thousands/millions/billions] of dollars that I've saved using [Free alternative to Microsoft product]. I hope that this [Free alternative to Microsoft product] takes off, along with [free alternative to Microsoft OS]. Unfortunately, my [company/home] has to pay for the stupidity of Microsoft: this [virus/worm/trojan] sucked [250KB/250MB/250GB/250TB] of bandwidth!

  8. What about.... by jarodss · · Score: 4, Funny

    My range, I don't seem to find anything coming from 127.x.x.x and I installed CodeRedII myself.