Is it really the problem? If you have a company and your IIS is very important, is a restart or a backdoor of CodeRedII awful? Each child can damage your system,... and this is bad.

-----Original Message-----
From: John Thornton [mailto:jthorntonat_private]
Sent: Thursday, 6 September 2001 15:08
To: vuln-devat_private
Subject: codegreen, the problem.

The thing that scares me about codegreen and others like it is the fact that it reboots IIS without even warning the network administrator. In the real world there are production servers that are running 24/7. Just up and rebooting an extremely important service such as IIS without letting anyone know is unheard of.

For example, the company I work for runs a web based product that stores their clients' data on SQL servers that are updated by IIS. If my servers just started to reboot while clients were using the product, our data integrity just went down the toilet, and when you are talking about a product that is COMPLETELY data driven we have a problem. Now we are talking about countless man hours to inspect the databases and possibly have to fix the databases that your program just crapped on. DBAs are not cheap. My company is going to be mad at me, and pissed at you for the money that was lost and having to explain to our clients why they were kicked out of our server. Now we are talking about a lawsuit. From this point of view, your program is far worse than code red. Welcome to corporate America. I know, it sucks.

Don't get me wrong, what you are doing is great. I respect it. The problem is that there are so many unique ways that IIS is used that this whole concept of a (for lack of a better term) white hat worm that fixes everything is just a bad idea and in certain cases can do more harm than what you are trying to fix. If this goes into the wild I would not be shocked at all if someone tries to sue. Just something to think about.

H A C K E R ' S  D I G E S T
-----------------------------------------------------------------
#1 for propeller heads
-----------------------------------------------------------------
www.hackersdigest.com
John Thornton - jthorntonat_private
Editor in Chief
Hackers Digest - www.hackersdigest.com
This archive was generated by hypermail 2b30 : Fri Sep 07 2001 - 10:36:41 PDT