Slashdot Mirror


Code Redux

I don't understand why Symantec classifies a "remote root" exploit as only "medium" damage. Code Red [?] is hitting cable modem networks especially hard, as the new variants scan "nearby" IP's in preference to random ones, which has apparently caused enough damage and network congestion that AT&T's residential broadband division (MediaOne) has cut off port 80 across their network to try and halt the spread of the worm, or so several submitters reported. Newsforge has a story about various reactions to the worm, and reader nettdata sent in an interesting story about the worm becoming the main course at a dinner of security specialists.

7 of 472 comments (clear)

  1. In Poland too! by zdzichu · · Score: 3, Funny

    Polish Telecom, the biggest ISP down here, also announced that they will block traffic from 'infected' sites. Trying to connect to whitehouse server is taken as a proof of infection.

    --
    :wq
    1. Re:In Poland too! by JediTrainer · · Score: 3, Funny

      Hmm... www.whitehouse.gov seems to have been hacked. It's a porn site!

      Kidding, kidding!

      --

      You can accomplish anything you set your mind to. The impossible just takes a little longer.
  2. My 'Data' Light has been going steady since Friday by BroadbandBradley · · Score: 3, Funny

    and I'm on @home's network. I like the program 'etherape' to sit and watch the requests come in and then browse to the IP's to see JoeBlow's homepage.
    really, do these home users PAY for IIS? of course not, would you? If you're going to use software free, use free software!!!
    I can't imagine that anyone who administers servers for a living hasn't already patched againts this. Thus I think most of this Code Red comes from home users windows boxes with pirated software. I wish MS did pursure those people because we'd have a whole lot more Linux users if that was the case. ( I guess that's why they don't)

    a note to IIS users: /etc/httpd.conf it's not really that hard.

  3. Re:Man, I wish... by blang · · Score: 5, Funny
    You're not lame for running IIS if you've patched it. You're lame if you aren't paying attention to the patches out there.

    Sorry for being such a troll, but what makes you believe that this patch is the ultimate cure of IIS security bugs? You may not be lame, but you do posess an impressive threshold for pain.

    --
    -- Another senseless waste of fine bytes.
  4. Hmm, evil or DDoS in the making by Cramer · · Score: 5, Funny

    I know I'm askin' for it, but I couldn't resist:

    cd /home/httpd/html
    ln -s /dev/zero default.ida


    I'm only a 128k ISDN, but with compression, I can push over a T1 worth of zeros :-) (And people say PPPoE has no value.)

  5. Re:Road runner's "warning" by sharkey · · Score: 3, Funny

    But then again, they only say no to worry if you're running Windows 95, 98, ME or MacOS. Well, I'm running Linux and NetBSD, so I guess I should be worried, eh?

    No, you should report them to "abuse@timewarner.com" for sending you Unsolicted Bulk Email advertising those products.

    --

    --
    "Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
  6. Re:Code Red Self Test by osgeek · · Score: 3, Funny

    How about if someone just writes a Code Red version that instead of doing something nefarious just puts up a dialog that says: "Hey, you fucking moron! Patch your crappy IIS server so that you don't get some version of Code Red."

    Better yet, why not just run the patch installer for them?