Bugtraq mailing list archives
Re: Full analysis of the .ida "Code Red" worm.
From: "JNJ" <jnj () pobox com>
Date: Fri, 20 Jul 2001 08:52:07 -0400
This DOES raise some pretty fundamental questions about the security of all the infrastructure, because, in theory the compromised servers _could_ have been exploited more extensively and _could_ be delivering nastily compromised stuff around. I have no reason to believe it has happened, but still...
<soapbox> I have to disagree. Microsoft released a patch for this issue on 6/18/2001. Here we are, a tad over a month later, and the issue is being exploited en masse. This calls to question the attention of systems administrators to their networks. The days of selective application of security patches are long since over. IMHO, systems affected by this recent outbreak are being administered by techs that need to pay closer attention to their installations and keeping them up to date. As the world reliance on computer systems continues to increase, it become more and more imperative that people learn these are not simply toasters that sit on the kitchen counter. Regular maintenance and attention is required and an irresponsible or ignorant attitude towards these things is the true threat to the infrastructure. The only security issue here is the human element as always. Microsoft has already come up with a tool that automagically notifies users/admins of the need to update their system within moments of a patch being released. What should they do next -- auto-patch the systems for the user/admin to ensure the security of the infrastructure? Maybe the user/admin needs to learn about that toaster on the countertop. </soapbox> James
Current thread:
- Full analysis of the .ida "Code Red" worm. Marc Maiffret (Jul 18)
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Joe Harris (Jul 19)
- Re: Full analysis of the .ida "Code Red" worm. Laurence Hand (Jul 19)
- Re: Full analysis of the .ida "Code Red" worm. Ryan Russell (Jul 19)
- RE: Full analysis of the .ida "Code Red" worm. Marc Maiffret (Jul 19)
- RE: Full analysis of the .ida "Code Red" worm. Eric Chien (Jul 20)
- Re: Full analysis of the .ida "Code Red" worm. Ryan Russell (Jul 19)
- Re: Full analysis of the .ida "Code Red" worm. Pierre Vandevenne (Jul 19)
- Re: Full analysis of the .ida "Code Red" worm. JNJ (Jul 20)
- Timely Patching (was: Full analysis of the .ida "Code Red" worm.) Crispin Cowan (Jul 23)
- Re: Mitigating some of the effects of the Code Red worm Vincas Ciziunas (Jul 19)
- Re: Mitigating some of the effects of the Code Red worm Johannes B. Ullrich (Jul 19)
- Re: Mitigating some of the effects of the Code Red worm Ryan Russell (Jul 20)
- RE: Mitigating some of the effects of the Code Red worm Linda Custer (Jul 20)