Slashdot Mirror


Code Redux

I don't understand why Symantec classifies a "remote root" exploit as only "medium" damage. Code Red [?] is hitting cable modem networks especially hard, as the new variants scan "nearby" IP's in preference to random ones, which has apparently caused enough damage and network congestion that AT&T's residential broadband division (MediaOne) has cut off port 80 across their network to try and halt the spread of the worm, or so several submitters reported. Newsforge has a story about various reactions to the worm, and reader nettdata sent in an interesting story about the worm becoming the main course at a dinner of security specialists.

2 of 472 comments (clear)

  1. Re:Man, I wish... by blang · · Score: 5, Funny
    You're not lame for running IIS if you've patched it. You're lame if you aren't paying attention to the patches out there.

    Sorry for being such a troll, but what makes you believe that this patch is the ultimate cure of IIS security bugs? You may not be lame, but you do posess an impressive threshold for pain.

    --
    -- Another senseless waste of fine bytes.
  2. Hmm, evil or DDoS in the making by Cramer · · Score: 5, Funny

    I know I'm askin' for it, but I couldn't resist:

    cd /home/httpd/html
    ln -s /dev/zero default.ida


    I'm only a 128k ISDN, but with compression, I can push over a T1 worth of zeros :-) (And people say PPPoE has no value.)