--- Rafael 'Dido' Sevilla <[EMAIL PROTECTED]> wrote: > > On Tue, Nov 20, 2001 at 05:36:05PM +0800, kimpoy > wrote: > > is it because they are using Microsoft IIS? > > Probably. More proof that the Gartner Group was > wise in recommending > everyone stop using IIS and being a victim of all > its brain damages. > > Arguably, it might be possible to mount a class > action lawsuit on > Microsoft for this, similar to the lawsuit Firestone > found itself in > after accidents occurred when using their tires. > The HTTP requests > generated by Nimda and Code Red, and those that are > used by script > kiddies to attack an IIS site are all perfectly > valid requests according > to RFC 2616, so these worms and script kiddies are > using the web server > as it was intended to be used. But IIS doesn't do > the right thing and > say 404 Not Found. Instead, it hands control of the > whole system to > whoever or whatever fed it that HTTP request...
With these recent shameful events concerning M$, it's quite a surprise that they only got a mild compromise with the US DOJ. Then again, US again has the excuse of hunting down Osama that it's another burden to fight another American company. M$ simply doesn't get that they're a big mass of a problem. As the traces of Nimda and Code Red still continue its tolls (via increased unnecessary traffic), M$ should better be treated as a national, heck, global security threat. 20 years of continuous incompetence which crippled lots of systems who blindly accepted their "solutions" and "evangelization" (which translated to billions of dollars of profit for them) should not go unadmonished. And with their present initiative to curb or limit disclosure of exploits and security advisories just to save face, they're the real security threat in the world today. (then again, some still refuse to see the light. They say that those who've seen the light have been blinded by it - somehow from Plato's "Allegory of the Cave") Paolo Falcone __________________________________________________ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
