Re: Code Red - A Possible Origin?

["Michael J. Cannon" <mcannon () ubiquicomm com>]

Just a clarification...I did not say that this WAS the site, just that the
timing and circumstances left questions in the minds of those of us who are
curious...and that it presented an opportunity for the community to 'show
its stuff' to the lurking journalists out there watching us work - although
we are not the ones who will determine the final fate of CR's author, once
they're found.

Sorry if it caused you inconvenience as a sysadmin for the TAO collective.
You guys do good work and the sites are often genuinely funny.

However, the things said about the recent conference in Europe are JUST as
applicable if you host sites.  Be careful and pay attention to the content
thereon, or you could find yourself with at least an inconvenience and at
most some legal troubles.  Given your political slant, satirical or not, it
probably isn't a good idea to stage a 'demonstration page' of this nature
under the circumstances.

Also, given the tone of the response on and offline to my comments about
deprecating what we call incidents of infrastructural disruption using
computers, it's also probably a good idea to beef up your outer doors and
have a helmet and gasmask handy for each of the staff, considering the
suggestions of 'busting the door down first and asking questions later' for
even SUSPECT sites.  Good thing you guys are in Canada (or is it?).

Once again, sorry for any inconveniences caused. Mea culpa.

Michael J. Cannon
Ubiquicomm
"Si vis pacem, para bellum."

----- Original Message -----
From: "Joshua Hirsh" <someguy () tao ca>
To: <incidents () securityfocus com>
Cc: "Michael J. Cannon" <mcannon () ubiquicomm com>; <admin () tao ca>
Sent: Friday, August 31, 2001 9:40 AM
Subject: Re: Code Red - A Possible Origin?


> Hey folks,
>
>  Just thought that I'd drop a quick message on here, especially
> considering the increased traffic we've been seeing over the past few
> days.
>
>  I'd just like to say that TAO Communications is a service carrier for
> facilitating the communications and organization of individuals and groups
> throughout the globe. TAO Communications, as a technical body of
> individuals, are sympathetic with the security conscious sys-admins of the
> world and fully support the open source movement.
>
>  The page in question on the wrench site, as far as we're concerned, is
> purely satirical in nature and does not take credit for the creation
> and/or distribution of the Code Red IIS worm.
>
>  TAO Communications would never condone, or support, the release of a worm
> or virus that would affect the Internet community.
>
>
>  Best Regards,
>
> - Joshua Hirsh
> (A member of the TAO Communications Systems Administration collective)


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com