I know this is an exchange list, but I just thought it would be good measure to fwd this msg.
-----Original Message----- From: David Lewis-Waller [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 18, 2001 4:06 PM To: aspsecurity Subject: [aspsecurity] RE: Microsoft Security Bulletin MS01-052 Further to my last, yep this definitely breaks Terminal Services and thus no remote admin. Just tried it on a local Windows 200 Server. I wish I'd done that first but the bug looked serious enough to warrant application on a live server without testing. Lesson learnt. So we have a known vulnerability without an effective patch, just waiting for our servers to go down - ho hum! You have been warned! David -----Original Message----- From: David Lewis-Waller [mailto:[EMAIL PROTECTED]] Sent: 18 October 2001 20:33 To: aspsecurity Subject: [aspsecurity] Microsoft Security Bulletin MS01-052 I've just implemented the Microsoft Security Bulletin MS01-052 hot fix for Terminal Services on a Windows 2000 server and it broke Terminal Service. Fortunately, I also run VNC on this box and even though another reboot didn't fix the problem uninstalling the patch did. This isn't funny when you are 280 miles from your server. Has anybody had this problem? How does one go about reporting this to MS, the web site doesn't make this easy. David -----Original Message----- From: Aurit, Mark [mailto:[EMAIL PROTECTED]] Sent: 18 October 2001 16:44 To: aspsecurity Subject: [aspsecurity] RE: iis5 (was: Winnt to Unix) 1) if the deleted folders were also iis virtuals, did you delete those also? 2) run urlscan (or the eeye.com) product. Interecept and dispose of the url before it gets to iis. Is your machine infected? > Mark Aurit > Northrop Grumman Information Technology > [EMAIL PROTECTED] > (310) 332-3454 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 18, 2001 7:21 AM To: aspsecurity Subject: [aspsecurity] RE: Fwd: Winnt to Unix I'm using ISS 5.01 and it seems when I get attacked by these viruses (many requests to files/folders that I deleted/renamed) it shuts down. Any ideas? IJO ----- Original Message ----- From: "Mike Mackert" <[EMAIL PROTECTED]> To: "aspsecurity" <[EMAIL PROTECTED]> Sent: Thursday, October 18, 2001 9:58 AM Subject: [aspsecurity] RE: Fwd: Winnt to Unix > I believe you would have to run Chili!Soft ASP, a product of Sun > (http://www.chilisoft.com) to make ASP run on a *nix system. It costs > money, of course (looks like $500), but such is life. > > My only concern would be whether or not an admin knows a *nix better than > Windows. Because if the admin doesn't know *nix better than Windows, then > (IMHO) it seems just as likely the *nix box will be attacked and > compromised. CodeRed and Nimda attacked well-known holes that Microsoft > provided patches for a long time before the attacks actually happened. If > an admin doesn't follow up on the patches for a Windows machine, would > changing to *nix correct that problem? > > Mike > > _________________________________ > > Mike Mackert > College of Nursing, Webmaster > http://nursing.msu.edu > > : -----Original Message----- > : From: Darius [mailto:[EMAIL PROTECTED]] > : Sent: Thursday, October 18, 2001 3:51 AM > : To: aspsecurity > : Subject: [aspsecurity] Fwd: Winnt to Unix > : > : > : Hello Everyone, > : I'm had problems with the current setup of web server using IIS being > : attacked by viruses like code red and nimda. I am thinking of > : transferring to Unix instead of using WinNT. But I would be new to > : this environment. Do you think my existing ASP applications could > : still run in Unix, particularly Linux? Are there libraries or tools I > : need to install in Unix to run my ASP? > : > : Thank you. > : > : Best regards, > : Darius > : > : > : | [EMAIL PROTECTED] = YOUR ID > : | http://www.asplists.com/search = ARCHIVES > : | http://www.asplists.com/aspsecurity = QUIT/JOIN > : > > | [EMAIL PROTECTED] = YOUR ID > | http://www.asplists.com/search = ARCHIVES > | http://www.asplists.com/aspsecurity = QUIT/JOIN > | [EMAIL PROTECTED] = YOUR ID | http://www.asplists.com/search = ARCHIVES | http://www.asplists.com/aspsecurity = QUIT/JOIN | [EMAIL PROTECTED] = YOUR ID | http://www.asplists.com/search = ARCHIVES | http://www.asplists.com/aspsecurity = QUIT/JOIN | [EMAIL PROTECTED] = YOUR ID | http://www.asplists.com/search = ARCHIVES | http://www.asplists.com/aspsecurity = QUIT/JOIN | [EMAIL PROTECTED] = YOUR ID | http://www.asplists.com/search = ARCHIVES | http://www.asplists.com/aspsecurity = QUIT/JOIN _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]