Slashdot Mirror

← Back to Stories (view on slashdot.org)

Code Redux

Posted by michael on from the carpetbombing-the-new-economy dept.

I don't understand why Symantec classifies a "remote root" exploit as only "medium" damage. Code Red [?] is hitting cable modem networks especially hard, as the new variants scan "nearby" IP's in preference to random ones, which has apparently caused enough damage and network congestion that AT&T's residential broadband division (MediaOne) has cut off port 80 across their network to try and halt the spread of the worm, or so several submitters reported. Newsforge has a story about various reactions to the worm, and reader nettdata sent in an interesting story about the worm becoming the main course at a dinner of security specialists.

3 of 472 comments (clear)

  1. Re:Cutting off port 80? by interiot · · Score: 5, Informative

    You can block incoming and outgoing http connections separately. eg. if a SYN packet is going from an outside address to an inside address, and the port number is 80, block it. But don't block anything else.

  2. small survey by 1010011010 · · Score: 5, Informative

    I ran a test on the 1597 unique hosts that have attempted to infect my web server recently.

    321- 20.1% - "Under Construction" default blank page
    0- 00.0% - "too busy"
    1093- 69.4% - cannot connect
    183- 11.4% - some web page

    --
    Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
  3. Re:Cutting off port 80 by Sc00ter · · Score: 5, Informative
    HEY! It's not against their AUP to run a web server!

    From: http://help.broadband.att.com/subagreelease.jsp

    (b) FTP/HTTP Service Setup. Customer should be aware that when using the Service to access the Internet or any other online network or service, there are certain applications, such as FTP (File Transfer Protocol) server or HTTP (Hyper Text Transfer Protocol) server, which may be used to allow other Service users and Internet users to gain access to Customer's computer. If Customer chooses to run such applications, Customer should take the appropriate security measures. Neither AT&T nor @Home Network shall have any liability whatsoever for any claims, losses, actions, damages, suits or proceedings resulting from, arising out of or otherwise relating to the use of such applications by Customer, including without limitation, damages resulting from others accessing Customer's computer.

    And the actual AUP page doesn't mention it at all: http://help.broadband.att.com/faq.jsp?content_id=7 2&category_id=34

    --
    Free Mac Mini