Vulnerability Development mailing list archives
Re: Publishing Nimda Logs - Summary
From: Jonathan Bloomquist <bocasolutions () yahoo com>
Date: Wed, 8 May 2002 10:09:06 -0700 (PDT)
--- "Deus, Attonbitus" <Thor () HammerofGod com> wrote:
4) Jonathan Bloomquist and others actively connect to offenders to send net messages to the console. Pretty cool.
I should clarify - that script was posted to slashdot and I didn't write it. I don't admin any production web servers, just ones I build in my test environments so I have not actually run that script.
Next Step: I will probably proceed with my project, taking into account the suggestions of the posters. One thing now interests me more... In the vein of JBloomquist's post and another poster who said to reverse-patch the systems, I am willing to peek into Pandora's Box and explore that precise option- Waiting for an attack, and then reverse-patching the box. Please don't tell me about the legal ramifications- I don't care about that yet. What I would like to know is if anyone has such an animal, or how one would go about reverse-patching an attacking system-- I can't write that code, but would really like to try it out.
I lean more to the side of shaming the admins into fixing them than ignoring them. However, sending a message is one thing, but actually patching their box is going a bit too far for me even if it is to help them. Warn 'em, shame 'em, scream at 'em, and mail bomb their ISP until they take action, but make each site patch themselves. "If we kill 'em they won't learn nuthin'." __________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com
Current thread:
- Re: Publishing Nimda Logs - Summary Jonathan Bloomquist (May 08)
- Re: Publishing Nimda Logs - Summary Deus, Attonbitus (May 08)
- Lessons learned writing exploits Iván Arce (May 08)
- <Possible follow-ups>
- Publishing Nimda Logs - Summary Deus, Attonbitus (May 08)
- Re: Publishing Nimda Logs - Summary Blue Boar (May 08)