http://www.sunbelt-software.com/ntsysadmin_list_charter.htm-----Original Message-----
From: Zangara, Jim [mailto:[EMAIL PROTECTED]]
Sent: Saturday, August 18, 2001 10:26 PM
To: NT System Admin Issues
Subject: RE: Code Red Got meI not "comfortable" with any product - MS, Symantec, or otherwise. I don't
trust any of them and always try to get a second opinion when dealing with
critical things - hence my problems.I am still testing the situation on these servers because I am not positive
there has been an infection. I am punishing my self but I do not want to
take a chance that can be avoided. But I also do not want to disrupt
operations of the site and to get a hold of users to reset passwords if I
can avoid it.I have duplicated the problem on another box that is totally hose-able
without a second thought - so it has been rebooted and unplugged from the
network. It is hosting a copy of the websites the other one had. I am
going to leave it running and isolated to see if the tool from Symantec will
generate a positive again. If so then I will feel confident that these are
false.The main server has had an in place upgrade of Advanced Server which
solved a couple of other issues that server was having; as stated in my
first post, I already had a trouble ticket open with PSS regarding problems
assigning permissions. Re-service packed and re-hot fixed. Will monitor it
and decide what to do based on the test server results.I will play around with that clean MS up tool on the test server if it
proves infected. Might be fun. If the Big one is infected a format and
reinstall will be my only option. Can't chance that one.Thought this problem was fairly interesting and appreciate the help but I
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
will shut up if you guys want.
Title: RE: Code Red Got me
What
could I check to see if my server is sending out these broadcasts to infect
others? I have these guys isolated so it should be easy to see the
traffic. I have a Fluke and logging enabled on the
websites.
w2k
IIS5
thanks.
- RE: Code Red Got me - one more quick thing Zangara, Jim
- RE: Code Red Got me - one more quick thing Dan_Rembolt
- RE: Code Red Got me - one more quick thing Joe Casale
- RE: Code Red Got me - one more quick thing Zangara, Jim
- RE: Code Red Got me - one more quick thing Jerry Kennedy
