nanog mailing list archives
Re: Disabling QAZ (was Re: Port 139 scans)
From: John Fraizer <nanog () EnterZone Net>
Date: Fri, 29 Sep 2000 16:29:55 -0400 (EDT)
On Fri, 29 Sep 2000, Dan Hollis wrote:
On Fri, 29 Sep 2000, Mike Lewinski wrote:"exit" will close the connection but not the QAZ server, while "quit" does appear to shut it down. You can also "run x". Once QAZ has been shutdown, it's also possible to connect to the share and manually delete the infected notepad.exe, although I haven't yet figured out if there's a way to unshare someone's drives remotely via command line (if I did this, I wouldn't be able to get back in to clean the infection).It would be cool if someone would make a tool that would auto-disinfect users... -Dan
Yep. The problem with that is that current laws on the books (in the US at least) make this an illegal solution. If memory serves me correctly, the one I'm thinking about is worded something like: "...any person who without authorization, accesses, modifies, deletes or destroys..." The penalties are pretty stiff too. The best of intentions don't negate the fact that it's illegal. --- John Fraizer EnterZone, Inc
Current thread:
- Re: Inventor of the Internet Technology / Father of Modern Day Networking, (continued)
- Re: Inventor of the Internet Technology / Father of Modern Day Networking Bill Becker (Sep 27)
- Port 139 scans John Fraizer (Sep 27)
- Re: Port 139 scans Randy Bush (Sep 27)
- Re: Port 139 scans Dana Hudes (Sep 28)
- Re: Port 139 scans Henry R. Linneweh (Sep 28)
- Re: Port 139 scans Etaoin Shrdlu (Sep 28)
- Port 139 scans John Fraizer (Sep 27)
- Re: Port 139 scans John Fraizer (Sep 29)
- Re: Port 139 scans Charles Scott (Sep 29)
- Disabling QAZ (was Re: Port 139 scans) Mike Lewinski (Sep 29)
- Re: Disabling QAZ (was Re: Port 139 scans) Dan Hollis (Sep 29)
- Re: Disabling QAZ (was Re: Port 139 scans) John Fraizer (Sep 29)
- Re: Disabling QAZ (was Re: Port 139 scans) Dana Hudes (Sep 29)
- Re: Disabling QAZ (was Re: Port 139 scans) Mike Lewinski (Sep 29)
- Re: Disabling QAZ (was Re: Port 139 scans) Jason Slagle (Sep 30)
- Re: Disabling QAZ (was Re: Port 139 scans) Travis Pugh (Sep 30)
- Re: Inventor of the Internet Technology / Father of Modern Day Networking Bill Becker (Sep 27)
- Re: Disabling QAZ (was Re: Port 139 scans) Jason Slagle (Sep 30)
- Re: Disabling QAZ (was Re: Port 139 scans) John Fraizer (Sep 29)
- Re: Disabling QAZ (was Re: Port 139 scans) Mike Lewinski (Sep 29)
- Re: Port 139 scans Ben Browning (Sep 27)
- Re: Port 139 scans Jason Slagle (Sep 27)
- Re: Port 139 scans Dan Hollis (Sep 27)