Code Red III
drcrja was the first to send us this brief bit about Code Red III, which is apparently faster and more vicious than its entertaining predecessors. I'm still wondering what I should do with the hundreds of IPs in my desktop's Apache log trying hopelessly to overflow my buffer.
Well, contrary to what I've seen most people saying, I don't think it's Micros~1's fault. It's the administrator's responsibility to stay current. Laying this episode solely at the feet of Micros~2 is unfair. Yes, it's one of many exploits found in IIS, but NT admins, just like *nix and *BSD admins, have to be on their toes. IMNSHO, the Code Red episodes only show that thousands of NT admins are lazy morons.
-- Grow up and use mutt.
Why can't we use the open cmd.exe to shut down the IIS service on the infected boxes? I would like to know how to take control of an infected box and do just that. I don't know if it would be legal, but clogging up my connection with crap and not patching your server is just as bad. What is stopping us? Someone post how to do it please; I will shut down all the boxes attacking me, and if enough people do it, we might just stop this bitch.
I know it's bad to say, but maybe it's time to write one that wipes the systems of the people who haven't patched yet. Some people really should learn about computer security the hard way.
It's only a matter of time before CR4 hits, monopolizing off of CR2's success, and filling our web logs with GET /scripts/root.exe hits.