On Wed, 15 Aug 2001, Cito Maramba wrote: > running. Win2k installs this and runs this without telling the user. > xenos and I wanted to sledgehammer the machine but instead, he just > unplugged it from the network and switched it off. Bandwidth traffic > dropped dramatically after that. QED. > It pisses me off that the highly publicized solution to Code Red is to > "install a patch" on IIS. The REAL Solution is not to use IIS in the > first place. Use Apache, or better yet, Linux AND Apache. To be fair, Linux is not immune to this kind of hacking, as some time ago, another worm ravaged through unpatched stock Redhat 6.2 systems running vulnerable versions of wu-ftpd and lpd. Subsequent systems become candidates for DDoS, depending on the severity of the compromise. And redhat does indeed install and bring up lpd and wuftp by default as well. This just proves to show how much proper and pro-active administration really determines how secure a network is. The major problem with NT/IIS is the frequency of the occurences of security breaches which means NT admins have to be on their toes more often than Linux admins, and usually, the patches given out by M$ does not solve the problem or even makes it worse. Remember that fiasco with the Exchange "hotfix patch". Sheesh... If one were paying for microsoft software, at the very least the product should be AS SECURE or even more secure than its open source counterparts! _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
