-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It might be discussable installing a - easily uninstallable - routine which send emails and (broadcast) messages to admin account accessible from the infected box, stating very clearly what to do 1) to get rid of the worm 2) to get rid of that utility afterwards. But surely not another virus. The only correct way IMHO is to shut of the access to the networks for offenders. Via the direct ISP or the upstreams. This has been done before, and this works. SaS - -- Dr. Alexander Sarras Product Unit Enterprise Communication Systems Ericsson Enterprise AB Tel: +43/1/811 00 4668 Fax: +43/1/811 00 11 4668 email: Alexander.Sarrasat_private > -----Original Message----- > From: Markus Kern [mailto:markus-kernat_private] > Sent: Thursday, September 06, 2001 11:46 AM > To: Alexander Sarras (SEA) > Cc: vuln-devat_private > Subject: Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) > > > > "Alexander Sarras (SEA)" wrote: > > > > > -----Original Message----- > > > From: Meritt James [mailto:meritt_jamesat_private] > > > > > > Clever tool with immoral, unethical and possibly illegal use. > > > > > Never mind that last point, I'd be more concerned with the > first two. > > And, *anybody* who want's to sneak a worm into my systems (no > > matter what the intentions are) gets me really pissed off. That > > probably holds true for a lot of people. > > I absolutely understand your concerns. Personally I wouldn't want > anyone else to execute code on my machines either but a patch has > been available for months now. Every admin who cares about her > systems has already fixed them ( I'm aware that it may be difficult > to > apply patches > in some cases because they might break other stuff but after over > two months such problems should be solved). > The others who didn't care about Code Red are very likely not to > care about Code Green / CRclean either, yet they're still causing > problems for the community. > > regards, > Markus Kern > -----BEGIN PGP SIGNATURE----- Version: PGP 7.1 iQA/AwUBO5dTX3/j44UBWb5aEQJY1ACfdQtlQvtjcQ9GZ6CL4gRambV/DSAAniao 19+WyfEHSg1Nl53fNxxsM+Tk =dxTK -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 16:54:42 PDT