Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)

From: Markus Kern (markus-kernat_private)
Date: Thu Sep 06 2001 - 04:16:06 PDT

Next message: Dom De Vitto: "RE: Telnetd exploit for solaris"

Previous message: lazy: "Re: Telnetd exploit for solaris"
Next in thread: Ron DuFresne: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Next in thread: Hire, Ejay: "RE: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Reply: Ron DuFresne: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

"Alexander Sarras (SEA)" wrote:
> 
> It might be discussable installing a - easily uninstallable - routine
> which send emails and (broadcast) messages to admin account
> accessible from the infected box, stating very clearly what to do 1)
> to get rid of the worm 2) to get rid of that utility afterwards. But
> surely not another virus.
> 
> The only correct way IMHO is to shut of the access to the networks
> for offenders. Via the direct ISP or the upstreams. This has been
> done before, and this works.

Ron DuFresne's <dufresneat_private> post indicates that this method
doesn't always work as well as we'd like it to.

Personally I prefer a technical solution to begging and court orders.
http://www.technocracyinc.org/images/cbusses.jpg illustrates my point
quite accurately.

Markus Kern

Next message: Dom De Vitto: "RE: Telnetd exploit for solaris"
Previous message: lazy: "Re: Telnetd exploit for solaris"
Next in thread: Ron DuFresne: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Next in thread: Hire, Ejay: "RE: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Reply: Ron DuFresne: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 08:41:09 PDT