nanog mailing list archives

RE: Code Red 2 cleanup; reporting..

From: "Mathias Körber" <mathias () koerber org>
Date: Thu, 9 Aug 2001 14:19:19 +0800

   Is there an effort abound that would allow for lists of verified 'Code
Red 2' infected hosts to be reported for cleanup/mitigation?    
By known 'Code
Red 2' infected hosts, I mean that root.exe has been found to exist on the
host.

  Finding the contact information for a lot of these is proving difficult
being that a fair amount of the infected machines are Joe Blow broadband
customers.


Publishing such lists is IMHO not a good idea, as these hosts are vulnerable and
publishing their addresses would only serve to let more crackers know where to
go..

Current thread:

Code Red 2 cleanup; reporting.. z (Aug 08)
- RE: Code Red 2 cleanup; reporting.. Mathias Körber (Aug 08)
  - RE: Code Red 2 cleanup; reporting.. z (Aug 08)
    - Re: Code Red 2 cleanup; reporting.. Andrew McNamara (Aug 09)
    - Re: Code Red 2 cleanup; reporting.. Ryan Tucker (Aug 09)
  - Re: Code Red 2 cleanup; reporting.. Christopher A. Woodfield (Aug 09)
    - Re: Code Red 2 cleanup; reporting.. mike harrison (Aug 09)
    - Re: Code Red 2 cleanup; reporting.. Etaoin Shrdlu (Aug 09)
    - Re: Code Red 2 cleanup; reporting.. mike harrison (Aug 09)
    - Was: Code Red 2 cleanup -- SHOULD NSPs PULL THE PLUG? Solutions? z (Aug 10)
    - Re: Code Red 2 cleanup; reporting.. Mike Lewinski (Aug 09)
    - Re: Code Red 2 cleanup; reporting.. Larry Diffey (Aug 09)

(Thread continues...)