http://www3.gartner.com/DisplayDocument?doc_cd=101034
At 9/25/01 02:32 PM -0400, you wrote:
Maybe a better idea would be to stop a service or two (say, IIS?). I can appreciate the sentiment, but I sure wouldn't want to have to tell someone that thier whole C: drive was wiped.
David Fletcher
http://www.micro-prince.com
- ----- Original Message -----
- From: Ron Hornbaker
- To: [EMAIL PROTECTED]
- Sent: Tuesday, September 25, 2001 12:16 PM
- Subject: RE: [IMail Forum] Boomerang/Judo code (was: Virus Attacks)
- That's our code, if anyone has any questions about it. I posted it to a couple of lists yesterday, after Len posted an Apache version and gave me the idea. Looks like it's made the rounds and had its owner's name stripped from it and it's name changed from 404Judo.asp, but otherwise it's good. Boomerang indeed.
- Note that since you're turning the request back onto an infected server, the http GET should have access to its own cmd.exe file. You know, just in case you want to assist in their anti-viral efforts by re-formatting their C drive for them. ;) Please don't ask me how to do that.
- Ron Hornbaker
- President/CTO
- . . . . . . . . . . . . http://humankindsystems.com
- . . . . . . . . . . . . w e c o d e. w e c a r e.
- . Come say Hi to us at ISPCON in Las Vegas, October 9-11, booth #3620!
- . http://www.ispcon.com/fall2001/attend-exhibitordetail.asp?X_ID=1792
- . http://AnswerTrack.com - eCRM email tracking solution
- . http://KillerWebMail.com - the name says it all
- . http://hksi.net/products - EZSignUp, You'veGotIMail!, etc...
- . http://hksi.net/testimonials - 1,666 admins can't be wrong
