Title: RE: Code Red Got me

Run netstat.

See if the machine is connecting to a lot of different arbitrary other IPs through port 80.

jlc

 

-----Original Message-----
From: Zangara, Jim [mailto:[EMAIL PROTECTED]]
Sent: Saturday, August 18, 2001 11:43 PM
To: NT System Admin Issues
Subject: RE: Code Red Got me - one more quick thing

 

What could I check to see if my server is sending out these broadcasts to infect others? I have these guys isolated so it should be easy to see the traffic. I have a Fluke and logging enabled on the websites.

w2k IIS5

thanks.


-----Original Message-----
From: Zangara, Jim [mailto:[EMAIL PROTECTED]]
Sent: Saturday, August 18, 2001 10:26 PM
To: NT System Admin Issues
Subject: RE: Code Red Got me

I am not "comfortable" with any product - MS, Symantec, or otherwise. I don't
trust any of them and always try to get a second opinion when dealing with
critical things - hence my problems.

I am still testing the situation on these servers because I am not positive
there has been an infection. I am punishing myself but I do not want to
take a chance that can be avoided. But I also do not want to disrupt
operations of the site and to get a hold of users to reset passwords if I
can avoid it.

I have duplicated the problem on another box that is totally hose-able
without a second thought - so it has been rebooted and unplugged from the
network. It is hosting a copy of the websites the other one had. I am
going to leave it running and isolated to see if the tool from Symantec will
generate a positive again. If so then I will feel confident that these are
false.

The main server has had an in place upgrade of Advanced Server which
solved a couple of other issues that server was having; as stated in my
first post, I already had a trouble ticket open with PSS regarding problems
assigning permissions. Re-service packed and re-hot fixed. Will monitor it
and decide what to do based on the test server results.

I will play around with that clean MS up tool on the test server if it
proves infected. Might be fun. If the Big one is infected, a format and
reinstall will be my only option. Can't chance that one.

Thought this problem was fairly interesting and appreciate the help but I
will shut up if you guys want.

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
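
Added example, not part of the original messages: one way to apply the netstat check suggested at the top of this thread is to save `netstat -an` output from the isolated server and count how many distinct remote hosts it has itself opened port 80 connections to. The sample output, the function names and the threshold are all constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample of Windows `netstat -an` output (documentation-range IPs).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    10.0.0.5:80            192.0.2.44:3120        ESTABLISHED
  TCP    10.0.0.5:1204          198.51.100.17:80       SYN_SENT
  TCP    10.0.0.5:1205          203.0.113.9:80         SYN_SENT
  TCP    10.0.0.5:1206          198.51.100.200:80      SYN_SENT
  TCP    10.0.0.5:1207          203.0.113.77:80        ESTABLISHED
  TCP    10.0.0.5:1208          203.0.113.77:80        TIME_WAIT
  UDP    10.0.0.5:137           *:*
"""

# Proto, local ip:port, foreign ip:port, state (IPv4 TCP rows only).
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\S+)\s*$")

def outbound_http_peers(netstat_text, port=80):
    """Return (set of remote IPs, Counter of TCP states) for connections this
    host opened TO `port`. Visitors connecting in to the local web server
    (local port == port) are skipped, since that is normal IIS traffic."""
    peers, states = set(), Counter()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, UDP rows, blank lines
        _lip, lport, rip, rport, state = m.groups()
        if state == "LISTENING" or int(rport) != port or int(lport) == port:
            continue
        peers.add(rip)
        states[state] += 1
    return peers, states

def looks_like_scanning(netstat_text, threshold=20):
    # threshold is an assumed cut-off; tune it to the server's normal traffic
    peers, _ = outbound_http_peers(netstat_text)
    return len(peers) >= threshold

if __name__ == "__main__":
    peers, states = outbound_http_peers(SAMPLE)
    print(len(peers), "distinct remote hosts on port 80:", sorted(peers))
    print(dict(states), "scanning suspected:", looks_like_scanning(SAMPLE, 4))
```

A web server normally answers on port 80 rather than originating connections to it, so a large and changing set of remote hosts here, especially in SYN_SENT, is the pattern to look for.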