Re: buddylinks worm

["Clint Bodungen" <clint () secureconsulting com>]

They are back up now but you are right... they are getting DOS'd... but not
because of the amount of requests.  They are running a vulnerable version of
thttpd, which is susceptible to DOS. thttpd 2.21b on Debian to be exact.


----- Original Message ----- 
From: "Jason Yates" <jaywhy2 () comcast net>
To: "Jeremy Junginger" <jj () act com>
Cc: <incidents () securityfocus com>
Sent: Tuesday, February 10, 2004 6:07 PM
Subject: Re: buddylinks worm



> >
>
> I contacted internap.com there upstream provider.  There support guy I
> talked to told me email abuse () internap com and they'll look into it.  I
> emailed the information; but I really didn't think anything would happen
> of it.  The support rep didn't seem like he really cared.  I guess I was
> wrong though.  I can't ping buddylinks.net anymore.  Although I wouldn't
> credit internap.com yet though; it just as likely they got DOS'd by the
> amount of requests and crashed.


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------