Security Incidents mailing list archives
Re: Code Red - A Possible Origin?
From: "Michael J. Cannon" <mcannon () ubiquicomm com>
Date: Fri, 31 Aug 2001 11:58:05 -0500
Just a clarification...I did not say that this WAS the site, just that the timing and circumstances left questions in the minds of those of us who are curious...and that it presented an opportunity for the community to 'show its stuff' to the lurking journalists out there watching us work - although we are not the ones who will determine the final fate of CR's author, once they're found. Sorry if it caused you inconvenience as a sysadmin for the TAO collective. You guys do good work and the sites are often genuinely funny. However, the things said about the recent conference in Europe are JUST as applicable if you host sites. Be careful and pay attention to the content thereon, or you could find yourself with at least an inconvenience and at most some legal troubles. Given your political slant, satirical or not, it probably isn't a good idea to stage a 'demonstration page' of this nature under the circumstances. Also, given the tone of the response on and offline to my comments about deprecating what we call incidents of infrastructural disruption using computers, it's also probably a good idea to beef up your outer doors and have a helmet and gasmask handy for each of the staff, considering the suggestions of 'busting the door down first and asking questions later' for even SUSPECT sites. Good thing you guys are in Canada (or is it?). Once again, sorry for any inconveniences caused. Mea culpa. Michael J. Cannon Ubiquicomm "Si vis pacem, para bellum." ----- Original Message ----- From: "Joshua Hirsh" <someguy () tao ca> To: <incidents () securityfocus com> Cc: "Michael J. Cannon" <mcannon () ubiquicomm com>; <admin () tao ca> Sent: Friday, August 31, 2001 9:40 AM Subject: Re: Code Red - A Possible Origin?
Hey folks, Just thought that I'd drop a quick message on here, especially considering the increased traffic we've been seeing over the past few days. I'd just like to say that TAO Communications is a service carrier for facilitating the communications and organization of individuals and groups throughout the globe. TAO Communications, as a technical body of individuals, are sympathetic with the security conscious sys-admins of the world and fully support the open source movement. The page in question on the wrench site, as far as we're concerned, is purely satirical in nature and does not take credit for the creation and/or distribution of the Code Red IIS worm. TAO Communications would never condone, or support, the release of a worm or virus that would affect the Internet community. Best Regards, - Joshua Hirsh (A member of the TAO Communications Systems Administration collective)
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Code Red - A Possible Origin? SVater (Sep 01)
- Re: Code Red - A Possible Origin? Michael J. Cannon (Sep 01)
- Re: Code Red - A Possible Origin? H C (Sep 02)
- <Possible follow-ups>
- Re: Code Red - A Possible Origin? Ben Okopnik (Sep 01)
- Re: Code Red - A Possible Origin? Joshua Hirsh (Sep 01)
- Re: Code Red - A Possible Origin? Michael J. Cannon (Sep 01)
- Re: Code Red - A Possible Origin? Michael J. Cannon (Sep 02)
- Re: Code Red - A Possible Origin? Michael J. Cannon (Sep 01)