[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Hacking my Raq4i???
- Subject: Re: [cobalt-security] Hacking my Raq4i???
- From: Jeremy Hull <jeremy@xxxxxxxxxxxx>
- Date: Mon, 06 Aug 2001 18:37:36 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Gerald Young wrote:
>
> Hi all
>
> > Consider the large number of people who buy Microsoft because they think
> > it's the best, or the number of folks who install computer systems who
> > know little about them(kinda less than Appliance Operators), or the number
> > of folks who think they can have their web pages on their own server with
> > little effort and/or knowledge) and you come up with a significant number
> > of systems that are running on autopilot...in a very large circle.
>
> Agreed I don't think it will go away is it up to the unix community to devise a
> fight back that can go back to the originating server access it and kill code
> red.
> I dont believe many windoze users will be even aware they aere infected for a
> week or two and by then it is somewhere else.
> anyway im going to write a script to email the servers that hit us and advise
> them.
> Does anyone know what email is likely to exist and/or be read i have no idea of
> how a windows server operates. ie should i send an email to
> admin@ipaddress 0r root@ipaddress
> best wishes Wampy
Your best bet would be to have your script do a whois on the network that the worm
is coming from and email the administrator. Most Windows web servers are not
running a mailer daemon.
>
> >
> > Of course, that says nothing of the idiotic zone transfer requests or
> > duplicate domain names from dim-bulbs using Win2000.
> >
> > Thom
> >
> >
> > _______________________________________________
> > cobalt-security mailing list
> > cobalt-security@xxxxxxxxxxxxxxx
> > http://list.cobalt.com/mailman/listinfo/cobalt-security
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security