Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hotmail Servers Shut Down by Code Red

Posted by CmdrTaco on from the is-it-a-problem-yet dept.

An Anonymous Coward writes: "SF Gate has this story about Code Red taking down some of Microsoft's Hotmail servers. That's funny." So is Code Red a problem yet? Meanwhile my sircams have stopped, except for 2 people who mail me a hundred or more a day. Thank god for filters, but if I had a monthly bandwidth cap, I'd be pissed.

9 of 460 comments (clear)

  1. I'm incredulous by wirefarm · · Score: 5, Interesting

    I find it amazing that they didn't take every precaution to protect what might be their highest-profile property. If MSDN went down, they could cover it - Most of their other servers, too. But Hotmail? That's so closely associated with Passport and, by association, dot-net, that I think they would do absolutely everything in their power to keep it spotless in the minds of the users.
    Good luck to them. They'll need it.
    I got two unsolicited calls asking how to set up Apache on a Windows 2000 server. These were people who had never seen a need to switch before. If I convert their servers for them, I'll probably set up a Linux box or two, 'just for backup purposes'.
    Heh heh.
    Cheers,
    Jim in Tokyo

    --
    -- My Weblog.
  2. Re:Microsoft to be the target of (more) lawsuits? by Shotgun · · Score: 4, Interesting

    Except that the EULA, any EULA, is absolute and total bullshit, except in Maryland and Virginia(?) who think UCITA makes sense.

    You can't make addendums to a contract after the sale without agreement from both sides. Clicking a button or hitting a key does not constitute proof of agreement. That requires a signature. Please help spread the news that EULA's are bullshit until they are upheld in a court of law or supported by legislation. At the present, they are just some grandstanding bullshit from rich software companies with nothing more than threats from lawyers standing behind them.

    BTW, did I mention that EULAs are BULLSHIT mumbo-jumbo legalese that don't have the force of spit.

    --
    Aah, change is good. -- Rafiki
    Yeah, but it ain't easy. -- Simba
  3. Re:BSD by Balinares · · Score: 4, Interesting
    I bet Microsoft is wishing they left those hotmail servers on BSD.

    The sad part is, they probably don't. More likely, they're wishing it was illegal to be a programmer outside a regular, certified company. That way, those damn hackers couldn't exist, and only companies would produce software, for the only good reason there is to produce software, money.

    And the worse is, I'm barely being satirical here. It's really what they corporate culture seems to promote, as has been proved too many times... Maybe I'm just being an overreacting idiot, but they've given me that impression so many times...
    --

    -- B.
    This sig does in fact not have the property it claims not to have.
  4. Irony? by rnturn · · Score: 4, Interesting

    And this the company whose software that the vast majority of ISPs insist that you use if you want to connect to the internet using their lines.

    I think I'll have some new ammunition the next time I get into an argument with an ISP over what software I'm allowed to run.

    --
    CUR ALLOC 20195.....5804M
  5. How long will this be going on by bfree · · Score: 3, Interesting

    One little server on a little 128k leased line and the attack pattern since 1st August reads
    13,35,24,27,27,63,73,47,32 (in 15 hours)
    Until the 4th August all the attacks were from the initial breed (NNNNNN). On the 4th 3 of the 27 attacks were from the new breed (XXXXXX). On the 5th 15 NNNNN and 12 XXXXX. Day 6 and only 10 of the old breed arrive while 63 of the new breed are in and since then we are down to about 3 attacks of the old NNNNN per day.

    I actually agree with the concept setting up a lot of machines to reply to the virus with the fix. It seems obvious that too many NT/2000 boxes out there are abandoned and vulnerable thanks to the lack of knowledge required to expose one. Who thinks that we won't see any attacks next month?

    --

    Never underestimate the dark side of the Source

  6. Load Balanced by waldoj · · Score: 4, Interesting

    We discussed this one year ago this week. It was concluded that they were running a round-robin DNS, and you'd sometimes get Apache (~20% of the time) and sometimes get IIS 5.0 (~80% of the time.) To run your own experiment, try the script that I included at the time.

    #!/bin/bash
    i=1
    while [ "$i" -lt 253 ]
    do
    lynx -head -dump http://lw7fd.law7.hotmail.msn.com/ |grep Server >> /var/tmp/hotmail
    let i="$i"+1
    done


    -Waldo

  7. Re:Hotmail running Windows again? by doctor_oktagon · · Score: 3, Interesting

    As far as I can recall, it was running on BSD, and it was being recently "migrated" to Win2K. Re: fixing worms ... don't even go there!!

  8. What the hell. by scott1853 · · Score: 5, Interesting

    Ok, I know it's a lot of servers, but the company that runs Hotmail, also wrote the OS that is insecure. This company release a warning, what, like 6 months ago, and also released a patch at the same time. They have been claiming that this is a major security hole since then and strongly encourages everybody to install the patch, yet they themselves don't.

    Somehow, when I picture a server farm, I see this clean, organized room with nice neat racks. With everything that happens with MS's servers, all I can envision is a building reminiscent of a level from Diablo. Something dark & gloomy with servers just sitting on workbenches with their hard drives just hanging out of the side of the case and the motherboard coated in 1/2" of dust.

    How can you forget a bunch of servers. I work for a small ISP so we're not the most organized place, but hell, all we have is two racks for modems & routers, and a dozen boxes sitting on the floor for servers. But we at least have pieces of paper tacked to the wall with a list of IP addresses, server names, functions and OS. We install the patches on all of our machines just fine.

    All you need is a list of all the servers. Then take that list around with you and after you install the patch, put a little "X" next to the server on the list. Not really complex guys. Of course this is Microsoft, they're probably running little handhelds with WinCE, connecting wirelessly to a MSSQL server that seems to simply misplace records for the hell of it.

  9. Re:How to choose a web server for your company by clinko · · Score: 3, Interesting

    Think about this...

    For A Linux box or a Windows box, go through the same list and realize that it's the administrator that matters. Not the OS! Really. A windows box can be just as secure as linux box if the administrator knows what he is doing. An admin for a win2k box is cheaper than a linux admin. There's more of them. So the cost of the OS takes itself out.

    1) Pick a platform that is difficult to administer remotely
    (2) Pick a platform that is insecure
    3) Pick a platform that can't handle the amount of customers you have
    4) Pick a platform that costs a tonne of money
    5) Pick a platform that requires a person with a dodgy qualification to run it, who doesn't know left from right, and demands more money than they are worth

    6) Pick a platform that is proprietary

    7) Pick a platform that runs on low-end server hardware or worse only

    8) Pick a platform that you will have to lease by the year or per billion processor cycles within the next 3 years

    9) Pick a platform with a database server that "loses" data given certain queries

    10) Pick a platform that is forever morphing, changing technology, and has a history of instability

    11) Pick a platform which would get you the sack if management had a clue