On Wed, Jan 30, 2002 at 05:46:44AM +0000, Mark Carey wrote: > I mean this attack was directed at an NT/2k/XP machine. I have whois'ed > the IP and have someone to complain to, what is the general attitude here > towards responding to provocation such as this? > > I do realise that .190 is not a specific address and will probably not be > traceable back to the purpotrating computer. But someone needs a good > stiff slaping with a dripping wet trout.
If your running linux, I don't see what the problem is, you are already immune. No specific action is required on your part in response to this "threat". Its no use complaining to the owner of the IP block, as the "purpetrator" is most likley an unknowing one, a victim of some trojan. Nor are the authors of this script too evil in my opinion, anything that brings Microsofts security flaws out in the open so they can be fixed, is doing the whole internet a service. The real bearers of blame are 1) The people who choose to operate microsoft software on the internet, and thus weaken the whole internet as a result of their irresponsible decisions and 2) Microsoft themselves, who have no problems releasing seriously flawed software, and try to keep security flaws secret, so that fixing them is a lot harder. Kurt
