Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Code Red attacks

From: Gordon Ewasiuk <gewasiuk () gnmc net>
Date: Mon, 17 Sep 2001 18:22:15 -0400 (EDT)
On Today, Jason Withrow wrote:

What is the legal issue, it is a purely defensive mechanism.



On Today, Jason Withrow wrote:

Since CR installs a CMD Shell that is freely accessable,
Write a script that write a text file to that users computer.


<disclaimer>
I am not a lawyer and despise Code Red as much as anyone.
</disclaimer>

You suggested writing a text file to an infected system.  Such an act
could be construed as tampering with that system, illegally uploading
data, using their resources without their permission, etc.  Some companies
might even call that a break-in attempt.

Not sure how I would handle it.  I'm a firm beliver in proactive
monitoring and patching.

-Gordon

--------------------------------------------------
Gordon Ewasiuk, Certifed Sun Fanatic,  Winstar VHC
The REAL office number is here----->  703.893.4901
Tired of BSODs, My Computer, and Code Red?
http://www.sun.com/solaris/binaries/
-------------------------------------------------


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: