California requires SS# as part of proof of citizenship, but does not put it on the license... It's possible you could get away with just showing them a passport instead, if you had one.
In Colorado, having the SS# on the card is optional, but if you want it on the card you need to prove it's the correct one.
If we you to stop this sort of thing from continuing to happen, you need to move the ISPs into a more cynical attitude about copyright infringement. It seems to me, the easiest way to do that is false reports: lots and lots of them. Preferrably using the same form letters the bad guys use (has anyone who works at an ISP got a copy of whatever they send you to post?), report random people doing random things... you can start with those IP addresses you've all logged trying to send you Code Red.
Hypothetically, of course. You wouldn't want to actually do something like that, it's probably illegal, ianal, blah covering ass blah disclamer...
Sorry, you're right about that. Different IIS vulnerability (ugh), same sort of backdoor installed.
Either way, someone who finds a wormed IIS should remember to blow away and reinstall the box (instead of just patching IIS and cleaning up the webroot), since either the vulnerability or the backdoor could have installed who-knows-what on it in the meantime...
the Sadmind/IIS unicode worm already did the copy-cmd.exe-to-the-scripts-directory thing. CodeRed uses the same vulnerability, just attaches a different payload than changing your index.html to "f--- usa!", etc.
Kiddies were already scanning around for/scripts/root.exe and using it to set up those lovely little DoS scripts...
Slashdot Mirror
My personal experience has been (iirc):
California requires SS# as part of proof of citizenship, but does not put it on the license... It's possible you could get away with just showing them a passport instead, if you had one.
In Colorado, having the SS# on the card is optional, but if you want it on the card you need to prove it's the correct one.
If we you to stop this sort of thing from continuing to happen, you need to move the ISPs into a more cynical attitude about copyright infringement. It seems to me, the easiest way to do that is false reports: lots and lots of them. Preferrably using the same form letters the bad guys use (has anyone who works at an ISP got a copy of whatever they send you to post?), report random people doing random things... you can start with those IP addresses you've all logged trying to send you Code Red.
Hypothetically, of course. You wouldn't want to actually do something like that, it's probably illegal, ianal, blah covering ass blah disclamer...
Sorry, you're right about that. Different IIS vulnerability (ugh), same sort of backdoor installed.
Either way, someone who finds a wormed IIS should remember to blow away and reinstall the box (instead of just patching IIS and cleaning up the webroot), since either the vulnerability or the backdoor could have installed who-knows-what on it in the meantime...
--
Benjamin Coates
the Sadmind/IIS unicode worm already did the copy-cmd.exe-to-the-scripts-directory thing. CodeRed uses the same vulnerability, just attaches a different payload than changing your index.html to "f--- usa!", etc.
/scripts/root.exe and using it to set up those lovely little DoS scripts...
Kiddies were already scanning around for
--
Benjamin Coates