Vulnerability Development mailing list archives
RE: CR II - winME? confirmation?
From: Gregory_DeGennaro () csaa com
Date: Mon, 6 Aug 2001 09:08:23 -0700
Oliver, This is a standard attack pattern from the worm. Check your system for either the ida.dll or the idq.dll. If you do not have either of these dll files then do not worry about it. Plus, you need to have Internet service running on your box. I have not seen anyone who has been infected by this worm using a Windows 9x or ME machines. I do not have these services running and I have recieved 306 attacks in 22 hours from the worm on my *nix firewall. Steve Gibson's theory is not as scary as it seems. *nix has been using raw sockets for years. The real issue here, is never place a windows machine directly on the Internet without maintaining it properly. I would place a good hardened firewall in front of any Microsoft machine before connecting to the Internet. Greg PS- What does not make sense in the article -----Original Message----- From: Petruzel, Oliver [mailto:OliverP () aegisresearch com] Sent: Monday, August 06, 2001 8:01 AM To: VULN-DEV () securityfocus com Subject: CR II - winME? confirmation? ok, this makes no sense, and ive only see it one place: http://www.securitynewsportal.com/article.php?sid=1367 I'm just wondering if this is popping up anywhere else. If it is, then it cant be CR2 as we know it, and it opens up a can of worms that is scary. Similar even, to Steve Gibson's prediction that a consumer based OS with a big hole would do serious damage. but again, since IIS is CR, then this was either a big fat anaonymous lie, or something different. Anyone seen any discussion on this? -o.p.
Current thread:
- CR II - winME? confirmation? Petruzel, Oliver (Aug 06)
- Re: CR II - winME? confirmation? Blue Boar (Aug 06)
- <Possible follow-ups>
- RE: CR II - winME? confirmation? Petruzel, Oliver (Aug 06)
- RE: CR II - winME? confirmation? Gregory_DeGennaro (Aug 06)