Re: CR II - winME? confirmation? (Slightly OT)

From: Amer Karim (amerkat_private)
Date: Tue Aug 07 2001 - 16:55:50 PDT

  • Next message: karoic denair: "Re: slackware permissions"

    Hi All,
    
    Thanks for the responses  - I was overlooking something obvious :-p
    
    This raises another question, however: since ALL IIS5 and IIS4 servers are
    vulnerable, including those being used to run ‘personal’ sites from peoples
    homes, why hasn’t more emphasis been placed on telling those people to patch
    their systems?  I just came across a situation today where one of my clients
    asked me to have a look at his home system since it was behaving rather
    strangely.  Found out he was running W2K Pro w/ IIS installed (had a site
    running w/ pics of his family), and when I asked him if he’d patched it for
    the original CR he just gave a blank look – followed by “I though that was
    only for servers.” …I just about put my head through the wall.  All my F/W’s
    have been logging over a 1000 HTTP events/day for the last few days, and I
    was going batty trying to figure out why it was so much worse this time
    round compared to the first CR.  Well, if even half of the people out there
    running personal web sites from their home systems are under the same
    misguided impression this chap was under, then what I’m probably seeing in
    my logs isn’t just traffic from the new CR, but also from every home system
    that was infected by the CRv1,CRv2, CRv3….and however many more there might
    be.  I’ve since informed all my clients (rather forcefully, if
    undiplomatically) that if their running IIS at home to take their systems
    off-line and format and re-install (since the new CR opens a backdoor to the
    system) and patch their systems before they put them back on-line.
    
    Are the people I’m dealing with particularly obtuse, or is this the
    prevailing attitude out there? And if so, then why aren’t the advisories
    (all flavours) being more emphatic at targeting the average home user, whose
    concept of what makes a server is rather “vague”?
    
    Regards,
    Amer Karim
    Nautilis Information Systems
    e-mail: amerkat_private, mamerkat_private
    



    This archive was generated by hypermail 2b30 : Tue Aug 07 2001 - 17:46:30 PDT