Code Redux
I don't understand why Symantec classifies a "remote root" exploit as only "medium" damage. Code Red [?] is hitting cable modem networks especially hard, as the new variants scan "nearby" IP's in preference to random ones, which has apparently caused enough damage and network congestion that AT&T's residential broadband division (MediaOne) has cut off port 80 across their network to try and halt the spread of the worm, or so several submitters reported. Newsforge has a story about various reactions to the worm, and reader nettdata sent in an interesting story about the worm becoming the main course at a dinner of security specialists.
Polish Telecom, the biggest ISP down here, also announced that they will block traffic from 'infected' sites. Trying to connect to whitehouse server is taken as a proof of infection.
:wq
and I'm on @home's network. I like the program 'etherape' to sit and watch the requests come in and then browse to the IP's to see JoeBlow's homepage.
/etc/httpd.conf it's not really that hard.
really, do these home users PAY for IIS? of course not, would you? If you're going to use software free, use free software!!!
I can't imagine that anyone who administers servers for a living hasn't already patched againts this. Thus I think most of this Code Red comes from home users windows boxes with pirated software. I wish MS did pursure those people because we'd have a whole lot more Linux users if that was the case. ( I guess that's why they don't)
a note to IIS users:
"The Most Fun Possible on 4 wheels" is at SunBuggy in Las Vegas
Sorry for being such a troll, but what makes you believe that this patch is the ultimate cure of IIS security bugs? You may not be lame, but you do posess an impressive threshold for pain.
-- Another senseless waste of fine bytes.
I know I'm askin' for it, but I couldn't resist:
/home/httpd/html
/dev/zero default.ida
:-) (And people say PPPoE has no value.)
cd
ln -s
I'm only a 128k ISDN, but with compression, I can push over a T1 worth of zeros
But then again, they only say no to worry if you're running Windows 95, 98, ME or MacOS. Well, I'm running Linux and NetBSD, so I guess I should be worried, eh?
No, you should report them to "abuse@timewarner.com" for sending you Unsolicted Bulk Email advertising those products.
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
How about if someone just writes a Code Red version that instead of doing something nefarious just puts up a dialog that says: "Hey, you fucking moron! Patch your crappy IIS server so that you don't get some version of Code Red."
Better yet, why not just run the patch installer for them?
Why are you letting these clowns ruin our country?