> On Saturday 22 September 2001 23:23, Devon wrote:
>
>> What I did find interesting is the number of ISP's who have emailed
>> all subscribers, telling them about the problem, and how to patch
>> their systems.
>
> Yesterday I opened my http to the world to give the opportunity to a
> friend to try a java applet I wrote. I opened the doors for just ten
> minuts, and I received 3 attempt from code red to exploit. It was code
> red, not nimda, I'm sure, but that's not important.
>
> Ok, I know this Idea may sound bad, or "lamer oriented".
> I only like to know if it is possible to:
>
> Take a chart of infected site and write a new worm. The worm may force
> to patch IIS if it founds holes, or may carry the code to erase code
> "color", nimda and all these stupid NT related "issues".
>
> Generally, this isn't a good idea, we are requiring to fight the
> problem in the same way the problem propagates. But this idea could be
> extended, and applied by the ISP to their customers.
>
> neugens
This subject has already been discussed extensively - try searching
the list for "Code Red" and reading articles around there that include
many external references on the subject
Basically, yes it can be done, no almost everyone thinks it is illegal
so noone seemed to have seen any web sites advertising such a solution.
There are some scripts to hit back at each attack - which does help
with the problem.
-Cheers
-Andrew
--
MS ... if only he hadn't been hang gliding!
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
