RE: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)

From: Alexander Sarras (SEA) (Alexander.Sarrasat_private)
Date: Thu Sep 06 2001 - 03:43:15 PDT

Next message: sween: "Re: Telnetd exploit for solaris"

Previous message: Meritt James: "illegal cheer (was: Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Maybe in reply to: Herbert HexXer: "CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Next in thread: Markus Kern: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Reply: Markus Kern: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Reply: S: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Reply: Jay D. Dyson: "RE: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It might be discussable installing a - easily uninstallable - routine
which send emails and (broadcast) messages to admin account
accessible from the infected box, stating very clearly what to do 1)
to get rid of the worm 2) to get rid of that utility afterwards. But
surely not another virus. 

The only correct way IMHO is to shut of the access to the networks
for offenders. Via the direct ISP or the upstreams. This has been
done before, and this works.

SaS
- -- 
Dr. Alexander Sarras
Product Unit Enterprise Communication Systems
Ericsson Enterprise AB

Tel:   +43/1/811 00 4668
Fax:   +43/1/811 00 11 4668
email: Alexander.Sarrasat_private


> -----Original Message-----
> From: Markus Kern [mailto:markus-kernat_private]
> Sent: Thursday, September 06, 2001 11:46 AM
> To: Alexander Sarras (SEA)
> Cc: vuln-devat_private
> Subject: Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)
> 
> 
> 
> "Alexander Sarras (SEA)" wrote:
> > 
> > > -----Original Message-----
> > > From: Meritt James [mailto:meritt_jamesat_private]
> > >
> > > Clever tool with immoral, unethical and possibly illegal use.
> > >
> > Never mind that last point, I'd be more concerned with the 
> first two.
> > And, *anybody* who want's to sneak a worm into my systems (no
> > matter what the intentions are) gets me really pissed off. That
> > probably holds true for a lot of people.
> 
> I absolutely understand your concerns. Personally I wouldn't want 
> anyone else to execute code on my machines either but a patch has
> been available for months now. Every admin who cares about her
> systems has already fixed them ( I'm aware that it may be difficult
> to 
> apply patches
> in some cases because they might break other stuff but after over
> two months such problems should be solved).
> The others who didn't care about Code Red are very likely not to
> care about Code Green / CRclean either, yet they're still causing
> problems for the community.
> 
> regards,
> Markus Kern
> 

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBO5dTX3/j44UBWb5aEQJY1ACfdQtlQvtjcQ9GZ6CL4gRambV/DSAAniao
19+WyfEHSg1Nl53fNxxsM+Tk
=dxTK
-----END PGP SIGNATURE-----

Next message: sween: "Re: Telnetd exploit for solaris"
Previous message: Meritt James: "illegal cheer (was: Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Maybe in reply to: Herbert HexXer: "CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Next in thread: Markus Kern: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Reply: Markus Kern: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Reply: S: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Reply: Jay D. Dyson: "RE: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 16:54:42 PDT