RE: [MLUG] CodeRedII - there's a variant now - READ THIS

Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "'EMAIL:PROTECTED'" <EMAIL:PROTECTED>
Subject: RE: [MLUG] CodeRedII - there's a variant now - READ THIS
From: "Spurling, Shannon " <EMAIL:PROTECTED>
Date: Wed, 8 Aug 2001 07:55:26 -0500
Reply-To: EMAIL:PROTECTED
Sender: EMAIL:PROTECTED

Sad part is that any major ISP worth their salt should know better than to
use IIS to host any thing. And they should know better than to use NT, or
win 2K for anything to do with any thing except maybe monitoring their
infrastructure or as workstations. One piece of evidence.... Why should a
server ever need a GUI as the default interface? I'll give you two reason
why you shouldn't, your taking CPU and memory (and lots of it!) away from
other processes and there is no good way to store the config from a GUI
based config for portability. Did any one here ever read the linux kernel
debate on machine readable VS. human readable stuff in the proc file system?
It was really interesting. Ever wonder why the windows registry is so messed
up? Could it be because no one can understand what it's doing? That's what
the gist of the conclusion of that thread was. Give me a nice little OpenBSD
box any day for security, And I'll stick with Slackware for my own
workstation or a server.

Shannon Spurling
WAN Engineer -Specialist

MOREnet, Network Services, Core Network
3212 Le Mone Industrial Blvd.
Columbia, MO 65201

Main:(573) 884-7200   Fax:(573)884-6673

EMAIL:PROTECTED
EMAIL:PROTECTED

-----Original Message-----
From: Deterding, Brent D [mailto:EMAIL:PROTECTED]
Sent: Tuesday, August 07, 2001 10:09 PM
To: MLUG Members (E-mail)
Subject: [MLUG] CodeRedII - there's a variant now - READ THIS


Hey all,
	We're in INFOCON ORANGE now


	Just FYI there's a CodeRedII variant that circumvents the patch.
It's nasty. Just like CRII except it trojans something else and I'm not
sure what. 

	There's no documentation for it yet, but trust me its there. It
hit Asia first but it IS in the US now. 

	You ever see what this thing can do to an Active Directory
server? AAAAAAHHHHHHH my brain hurts. 

	Major ISPs are hurting BAD right now, as are most big companies.


	watch www.incidents.org for more information.


	Anyone want to take bets on the next version?
		I'll bet we'll see selectable targets
		Followed by atttacking the root name servers
					   ^^^^^^^^^^^^^^^^^^^^^ <--
nasty!

-- Brent

PS - I don't mean to sound like a doomsday prophet; but I spent all day
watching several class A's crumble with this. 
--
To manage your subscription, go to http://mlug.missouri.edu/members/edit.php

Archives are available at http://mlug.missouri.edu/list-archives/
--
To manage your subscription, go to http://mlug.missouri.edu/members/edit.php

Archives are available at http://mlug.missouri.edu/list-archives/

Prev by Date: RE: [MLUG] CodeRedII - there's a variant now - READ THIS
Next by Date: RE: [MLUG] CodeRedII - there's a variant now - READ THIS
Previous by thread: RE: [MLUG] CodeRedII - there's a variant now - READ THIS
Next by thread: RE: [MLUG] CodeRedII - there's a variant now - READ THIS
Index(es):
- Date
- Thread