On Thu, 9 Aug 2001, J. Dow wrote:
> From: "Ryan" <[EMAIL PROTECTED]>
>
> > Code Red II. Not a problem for Linux servers. Affects Microsoft web
> > servers who haven't updated security patches.
>
> Note that almost all W2K machines, the affected machines, have IIS installed
> whether or not it is running. If you have friends let them know they are
> infected. (No "ifs" involved by this date. I am getting as many as two hits
> a minute here.) IF there is a c:\inetpub\scripts\root.exe file the friend
> gets the dubious pleasure of downloading the security patch, reinstalling
> with the network disconnected, installing the patch, and then reinstalling
> the network cable(s) - and all the OTHER software. I have not heard of a
> way to clean it off infected machines yet. (I have noticed you can do
> *ANYTHING* you want on infected machines from a web server.)
For those of us (me) who haven't bothered to read too much, thanks. This
was informative. I would've been concerned, 'cept the two guys I know who
run Win2kPro, one is dialup user and the other is my roommate who is
hardware firewalled (Port 80 forwarded to me by router). I will pass this
info on to the dialup guy, but he's a computer geek (CCNA) and subscribes
to securityfocus mailing list.
Thanks,
Ryan
--
[ Ryan Camick Cambridge, Ontario, Canada ]
[ Powered by Red Hat Linux 7.1 / Kernel 2.4.7 ]
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
