Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: CR II - winME? confirmation? (Slightly OT)

From: Gregory_DeGennaro () csaa com
Date: Wed, 8 Aug 2001 14:42:23 -0700 
Greg

LOL ...

I believe most of the 1000+ blocked scans a day that come across my firewall
have the same user or system administrator mentality.  I did three OS scans
with nmap against three violators and all of them turn up to be W2K running
IIS on my cable network.  I wanted to see who was not being responsible ...
:-)

Greg
 

-----Original Message-----
From: Gregory McCann [mailto:cambria () owt com]
Sent: Tuesday, August 07, 2001 6:28 PM
To: Amer Karim; VULN-DEV List
Subject: Re: CR II - winME? confirmation? (Slightly OT)


On 8/7/2001 at 4:55 PM Amer Karim wrote:


I just came across a situation today where one of my clients
asked me to have a look at his home system since it was behaving rather
strangely.  Found out he was running W2K Pro w/ IIS installed (had a site
running w/ pics of his family), and when I asked him if he'd patched it for
the original CR he just gave a blank look - followed by "I though that was
only for servers." ...I just about put my head through the wall.


Hard to blame him when even the SecurityFocus web site says of CR2, "only
web servers are vulnerable -- home PC users are generally immune".

http://www.securityfocus.com/news/232


Greg
Previous By Date Next
Previous By Thread Next

Current thread: