Full Disclosure mailing list archives
Re: SQL Slammer - lessons learned
From: David LaPorte <david_laporte () harvard edu>
Date: Mon, 10 Feb 2003 10:23:08 -0500
Not sure if this is dated (I'm not an AT&T customer), but AT&T was filtering port 80 as a result of Code Red. This document leads me to believe it will continue indefinately. http://help.broadband.att.com/faq.jsp?content_id=792&category_id=54 (you need to choose your state and choose Broadband Internet) David On Monday 10 February 2003 09:48, Schmehl, Paul L wrote:
-----Original Message----- From: John.Airey () rnib org uk [mailto:John.Airey () rnib org uk] Sent: Monday, February 10, 2003 4:24 AM To: guninski () guninski com; Schmehl, Paul L Cc: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] SQL Slammer - lessons learnedCode Red/Nimda have fizzled out (probably still some infected machines out there), since it is possible to block ports below 1024.Huh? Our IDSes detect both Code Red I, II and III and Nimda every day, as does my Wormcatcher. I don't know *anyone* who is blocking port 80. Do you? Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/~pauls/ AVIEN Founding Member _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
-- David LaPorte, CISSP Senior Network Security Engineer Harvard University Information Services NOC ----------------------------------------------- Email: david_laporte () harvard edu PGP: 0x4DC3E508 4A1F058DB2B32FEF10A14F6BD370A6AD4DC3E508 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: SQL Slammer - lessons learned, (continued)
- Re: SQL Slammer - lessons learned Georgi Guninski (Feb 09)
- Re: SQL Slammer - lessons learned yossarian (Feb 09)
- RE: SQL Slammer - lessons learned Steve Wray (Feb 09)
- RE: SQL Slammer - lessons learned Schmehl, Paul L (Feb 09)
- Re: SQL Slammer - lessons learned Helmut Springer (Feb 09)
- RE: SQL Slammer - lessons learned Steve Wray (Feb 09)
- Re: SQL Slammer - lessons learned Helmut Springer (Feb 09)
- RE: SQL Slammer - lessons learned John . Airey (Feb 10)
- RE: SQL Slammer - lessons learned John . Airey (Feb 10)
- Re: SQL Slammer - lessons learned David Howe (Feb 10)
- RE: SQL Slammer - lessons learned Schmehl, Paul L (Feb 10)
- Re: SQL Slammer - lessons learned David LaPorte (Feb 10)
- Re: SQL Slammer - lessons learned Karl DeBisschop (Feb 10)
- Re: SQL Slammer - lessons learned David LaPorte (Feb 10)
- Re: SQL Slammer - lessons learned petard (Feb 10)
- Re: RE: SQL Slammer - lessons learned I.R. van Dongen (Feb 10)