Slashdot Mirror

← Back to Stories (view on slashdot.org)

Code Redux

Posted by michael on from the carpetbombing-the-new-economy dept.

I don't understand why Symantec classifies a "remote root" exploit as only "medium" damage. Code Red [?] is hitting cable modem networks especially hard, as the new variants scan "nearby" IP's in preference to random ones, which has apparently caused enough damage and network congestion that AT&T's residential broadband division (MediaOne) has cut off port 80 across their network to try and halt the spread of the worm, or so several submitters reported. Newsforge has a story about various reactions to the worm, and reader nettdata sent in an interesting story about the worm becoming the main course at a dinner of security specialists.

4 of 472 comments (clear)

  1. Code Red Self Test by staplin · · Score: 5, Interesting

    While out and about looking for the latest Code Red statistics, I found this link to a Code Red Self Test which is supposed to tell you if you are vulnerable, and if you have been infected.

    I don't know if it works, I don't have a Win boxen to test it on...

  2. Cutting off port 80 by Grim+Grepper · · Score: 5, Interesting
    I really hope that RoadRunner doesn't decide to cut off port 80, as I happen to be running a webserver. Since I don't use IIS or Windows, it seems unfair that they would cut me off; it doesn't seem quite fair.

    What they should do is scan for people running IIS webservers and cut them off. Leave the Apache users alone!

  3. RoadRunner Fairfax VA unusable by banky · · Score: 4, Interesting

    Here in Fairfax, our cable modem dropped out around 6pm Sunday night; it came back up after about an hour, but ever since then, I've had faster speeds on dial-up.

    The phone system reports that SirCam has taken out their email servers, and that Code Red [I|II] is causing serious performance problems. They expect to have it done by tomorrow - except that today, when I called, they no longer are saying that, merely begging users to patch their systems.

    Phone tech support is turned off, at least in my wanderings in the phone system.

    Anyone else having these problems?

    --
    ZOMG I WOULD LOVE TO KNOW ABOUT YOUR FEELINGS ON MACINTOSH VERSUS WINDOWS, VI VERSUS EMACS, AND HOW YOU'RE NOT A DORK
  4. The real danger by aralin · · Score: 5, Interesting
    The real problem is that all the boxes that are vulnerable to this one specific exploit advertise themselves all over the net! Everyone knows what exploit it is. All you need to do is to read your apache logs and you own at average 400-500 windows boxes to do ANYTHING you want.

    Remote Linux install, anyone?

    --
    If programs would be read like poetry, most programmers would be Vogons.