Vulnerability Development mailing list archives
Re: Publishing Nimda Logs
From: Boyd Lynn Gerber <gerberb () zenez com>
Date: Tue, 7 May 2002 21:46:17 -0600 (MDT)
On Tue, 7 May 2002, Deus, Attonbitus wrote:
It is truly sad that so many people are still infected with Nimda. There is a company with my corporate ISP that I have notified 3 times now that they are attacking other systems. It seems they can't figure out how not to install Win2k/IIS5.0 while connected to the net. The sad thing is that this is a computer company. I have seen a site where people have published the IP of the offending boxes for stuff like Nimda and CR. I am thinking about doing the same thing so that people can either use that information to block the IP's or to do whatever they want for that matter. I'm curious to see how other feel about this. Is it: 1) Recommended. Go for it and publish the IP's and let the "Gods of IP" sort out the damage. 2) A Bad Thing. These are innocent victims, and you will just have them be attacked by evil people. 3) Boring. Who cares? It's Nimda, and an everyday part of life. Deal with it and ignore the logs. If "1," then I was thinking of going with a "Hall of Shame" and providing ARIN look ups, contacts, and the whole bit. I could even allow other people to post logs there and stuff like that... Input appreciated.
The one problem is the ARIN is not up to date. I have tried to get information removed. I was the owner of some IP 8 years ago. They have been infected, remove the virus and get infected again. Every time their system gets messed up I get 30-50 emails telling me my machines are infected and that I need to do something about them. I have not had any control for 8 years over these IPs. I should not be responsible for them. So the ARIN reports are totally bogus. I am sure others may also have this problem. Thanks, -- Boyd Gerber <gerberb () zenez com> ZENEZ 3748 Valley Forge Road, Magna Utah 84044
Current thread:
- Re: Publishing Nimda Logs, (continued)
- Re: Publishing Nimda Logs Jose Nazario (May 07)
- Re: Publishing Nimda Logs Chip McClure (May 07)
- Re: Publishing Nimda Logs Ron DuFresne (May 07)
- Re: Publishing Nimda Logs hellNbak (May 07)
- Re: Publishing Nimda Logs Jonathan Bloomquist (May 07)
- Re: Publishing Nimda Logs Lincoln Yeoh (May 08)
- RE: Publishing Nimda Logs Eli K. Breen (May 07)
- RE: Publishing Nimda Logs Andy Wood (May 08)
- Re: Publishing Nimda Logs Nick Lange (May 08)
- RE: Publishing Nimda Logs Andy Wood (May 08)
- Re: Publishing Nimda Logs warchild (May 07)
- Re: Publishing Nimda Logs Boyd Lynn Gerber (May 08)
- Re: Publishing Nimda Logs mlafon (May 07)
- RE: Publishing Nimda Logs Silcock, Stephen (May 07)
- RE: Publishing Nimda Logs brossini (May 08)
- RE: Publishing Nimda Logs Andy Wood (May 08)
- RE: Publishing Nimda Logs Jose Nazario (May 08)
- Re: Publishing Nimda Logs Clinton Smith (May 08)
- RE: Publishing Nimda Logs Alexander Sarras (ABG) (May 08)
- RE: Publishing Nimda Logs Ron DuFresne (May 08)
- Re: Publishing Nimda Logs zeno (May 08)
- Re: Publishing Nimda Logs Raistlin (May 08)
(Thread continues...)