|
-
August 15th, 2001, 07:07 AM
#1
If I were a hacker ...
Hackers normally have to scan the Internet looking for vulnerable systems. However, every Code Red probe I get identifies a system that doesn't have the latest MS patch.
I wonder how many hackers are installing their own Trojans in Code Red infected systems?
------------------
Jerry CTX
Computer (In)Security
-
August 15th, 2001, 04:41 PM
#2
Some I spose. You won't be able to track all thos hits you get down - try it 
-
August 15th, 2001, 06:03 PM
#3
Been gone for awhile, but have an observation. Some sources imply/say Code Red is big and bad, while others indicate not a problem. Which is it jerryctx, or is the info on your site?
Or how about a short educational piece of your thoughts on the subject.
------------------
Seek knowledge and all else will follow
Please post back results - Press Ctl D to bookmark
Information
-
August 15th, 2001, 07:58 PM
#4
Nothing on my site... Too many others tracking viruses and I don't cover server problems (Code Red only infects MS servers). A search of the web for "Code Red" should turn up lots of sites.
It is "bad" in the sense that it has probably infected more servers than any other worm and it is affecting performance on the Net.
------------------
Jerry CTX
Computer (In)Security
-
August 15th, 2001, 08:07 PM
#5
I thought Code Red only used IIS machines as "zombies" to lauch Denial Of Services attacks on goverment sites... Am I missing Something?!? I've also read it only affects IIS4 and 5. I've heard different things about IIS6, WinXp Server...
------------------
Don't click this!!!
Do'nt take a Shock Rifle to a Flak Cannon fight...
-
August 15th, 2001, 09:10 PM
#6
MiseryQ, that's true of the original Code Red, but the fact that a machine got infected with it reveals an underlying vulnerability - you know for sure that machine hasn't been patched. Code Red 2 includes installing a backdoor as part of its payload, so it would be trivial to launch CR2 at a machine then use that backdoor to mess with it. Or you could create your own custom attack. Basically, instead of servers sitting and silently waiting for a chance attack, you have servers jumping up and down yelling "Attack me! I'm insecure!" to the rest of the world.
Safe computing is a habit, not a toolkit.
-
August 16th, 2001, 09:27 AM
#7
Would this be why that only certain segments of the web have had problems? Seems like the problems come and go.
------------------
Seek knowledge and all else will follow
Please post back results - Press Ctl D to bookmark
Information
-
August 16th, 2001, 11:49 AM
#8
Yet another reason to run Unix/Linux servers. Fortunately the majority are. I had that figure around here somewhere.... Oh yes, here it is. Approximately 62% of all internet servers run Apache, on Unix/Linux, that leaves 38% running various combos of MS NT, 2000, Novell, Solaris, blah, blah. Really though, is it that hard for the IT person to install a simple patch? Jeez, isn't that what this person is supposed to be doing for a living?
------------------
A)bort,R)etry,I)nfluence with a large hammer.
A)bort,R)etry,I)nfluence with a large hammer.
-
August 16th, 2001, 01:24 PM
#9
NeoGeek...
not to be a pain, but could you document your sources....I think that figure is a little out dated...
don't get me wrong, I'd use my linux box over an NT machine for any server stuff...
I just think the figures are a little wrong...
maybe I'm wrong though...
------------------
Mark
------
Please remember to post back about the updated status of your inquiry, we're here to help!
-
August 16th, 2001, 01:52 PM
#10
http://www.netcraft.com/survey/
------------------
A)bort,R)etry,I)nfluence with a large hammer.
A)bort,R)etry,I)nfluence with a large hammer.
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
