Someone, I don't remember who, posted a question a week of so ago about
connecting to Oracle IAS via IIS instead of the provided Apache server because
there damagement was afraid about being hacked. Well, pass the following along
to damagement & ask them again what they want to do:
** Internet Goes Red
The "Code Red" worm ripped through Internet servers like no other
previously unleashed piece of malicious code. "We are witnessing
Internet history," says Chris Rouland, director of Internet
Security Systems X-Force, which tracks Internet vulnerabilities.
Based on reports, Code Red has infected over 225,000 servers.
The worm enters the targeted server through port 80. If the host
is running Microsoft IIS, the worm executes a malformed HTTP
"get" request to try to run a buffer overflow against the
Microsoft IIS Indexing Service dynamic-link library. Once the
worm successfully exploits the target, it starts searching for
new servers to infect, and the compromised Web site is defaced.
Code Red's ultimate target was Whithouse.gov. The worm was set to
attack the White House Web site July 20 by unleashing a torrent
of traffic at the site. According to Rouland, the White House
managed to avoid the attack by switching the site's IP address.
He says the author of Code Red made a critical design flaw by
hard-coding the White House's IP address. "That won't happen next
time," he warns.
When the ILoveYou virus struck last year, many copycats struck in
the following weeks. "I wouldn't be surprised to see many, many
copy cats of this worm," he says. In fact, reports started
surfacing Friday afternoon on security mailing list Bugtraq that
several versions may already be loose.
An explanation of, and patch for, the IIS buffer overflow
vulnerability is available at
http://update.informationweek.com/cgi-bin4/flo?y=eD2T0BdFGA0V20QKW0AK
Has this one bit you? Tell other IT folks what you're doing to
combat the problem in the Listening Post
http://update.informationweek.com/cgi-bin4/flo?y=eD2T0BdFGA0V20Nmm0AD
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author:
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
