There's an effort underway to notify the sysadmins of machines infected by
the CODE RED worm. You can help by submitting relevant log data showing
compromise attempts to www.dshield.org. This site is collecting and
correlating information from anyone willing to participate, and the more
information they have the better. Russ Cooper (NTBugtraq) intends to take
this a step further and contact (by phone) those sites that can be
identified from the dshield data.
I don't know about you, but I think it's a great thing that folks are
finally stopping the finger pointing and actually starting to do something
about the problem. Yes, I know, some of these guys deserve to be hacked
because they are completely clueless about security and they've had more
than a month to install the patch, but we all make mistakes. I suspect
there's more than one or two machines out there (out of the more than 12,000
identified so far) that have "slipped through the cracks" of watchful
admins. Next time it could be me or you needing a phone call.
I've lived in a lot of neighborhoods over the years and the safest ones were
those where people watched out for each other. It's time we started doing
the same thing around here. Contribute. Make a difference.
Geoff
(stepping off soapbox)
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
