Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Mitigating some of the effects of the Code Red worm

From: Vincas Ciziunas <fizban () tamos net>
Date: Fri, 20 Jul 2001 00:09:55 -0400 (EDT)
On Thu, 19 Jul 2001, LARD BENJAMIN LEE wrote:


What I'm getting at, is for someone to create another exploit that creates
the C:\notworm file in infected machines and does something to
notify whoever is in charge of a particular box (even something as simple
as placing you_are_hacked.txt and a link to the patch on the desktop could
be beneficial). Even better, an exploit to patch a machine (through
removing the .ida and .idq extensions) would prevent the inevitable wave
of post-attacks (both from this worm and future attacks).


The only problem I forsee with that course of action is that for a while,
this worm may clog the networks up just as badly as Code Red.

-------------------------------------------------------------------------------

                                --Vincas Ciziunas--
                (College Student, Linux Geek, Music Nut, Virginian)
               fizban () tamos net  vciziuna () gmu edu  fizban () paulvi net
                           http://www.tamos.net/~fizban
        "There's nothing worse in the world than an angry tree," --Bob Ross

-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: