This is a bit off topic, but I've been sending notes to everyone whose infected machine is hitting my firewall. Note that it won't work if the machine is behind a NAT box or firewall, but about 80% of the messages are going through.
From your Windoze box:
net send xxx.xxx.xxx.xxx "Your computer is infected with Code Red. Please patch your server immediately!"
Replace the xxx with the offending IP addresses (duh!)
I'm pretty sure that net send uses port 137, so there's a good chance that it's blocked, but like I said, about 80% of the messages are getting through. It pops up a message box on the infected system.
Now, if someone would just write a small apps that listens to port 80 for the Code Red packets and attempts a reply with net send
Slashdot Mirror
This is a bit off topic, but I've been sending notes to everyone whose infected machine is hitting my firewall. Note that it won't work if the machine is behind a NAT box or firewall, but about 80% of the messages are going through.
From your Windoze box:
net send xxx.xxx.xxx.xxx "Your computer is infected with Code Red. Please patch your server immediately!"
Replace the xxx with the offending IP addresses (duh!)
I'm pretty sure that net send uses port 137, so there's a good chance that it's blocked, but like I said, about 80% of the messages are getting through. It pops up a message box on the infected system.
Now, if someone would just write a small apps that listens to port 80 for the Code Red packets and attempts a reply with net send