At 02:48 PM 8/8/01 +1200, Jason Haar wrote: >On Tue, Aug 07, 2001 at 04:55:50PM -0700, Amer Karim wrote: > > strangely. Found out he was running W2K Pro w/ IIS installed (had a site > > running w/ pics of his family), and when I asked him if he’d patched it for > > the original CR he just gave a blank look followed by “I though that was > > only for servers.” …I just about put my head through the wall. All my > F/W’s I'm connected to an Earthlink DSL line. Port 80 is getting hit about once every 30 to 90 seconds from a Code Red infected machine. As a test, I connected to some of these systems with the UNICODE file execution string posted back in October/November of 2000. Out of 5 systems tested, (100%) 5 systems had not even patched that bug from last year!!!! People in general are just clueless about what's going on. It is a script kiddie heaven on Earthlink DSL lines! - hh >:-) > >Last week on our national radio station here in New Zealand, a rep from >Sophos said that all companies should be ensuring they have installed the >patch before the next wave of CodeRed went out. He then went on to >*explicitly* state that home users didn't have to worry about it as it only >affected commercial sites! :-/ > >-- >Cheers > >Jason Haar > >Unix/Special Projects, Trimble NZ >Phone: +64 3 9635 377 Fax: +64 3 9635 417
This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 11:11:19 PDT