[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] Re: Code Red Special Effects (WAS: Hacking my Raq4i???)

Subject: RE: [cobalt-security] Re: Code Red Special Effects (WAS: Hacking my Raq4i???)
From: "Simon Wilson" <simon@xxxxxxxxxxxxx>
Date: Tue, 7 Aug 2001 10:18:05 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

SNIP
2.  However:
     a)  if you have Frontpage extensions or the ChiliSoft! extensions
installed, you are running ISAPI filters and there is discussion in the vuln
groups that these will be susceptible to the newer variants and mutations of
Code Red.  Remove and disallow ALL FrontPage extensions.
SNIP

I read above and am now a bit concerned. We are running ChiliSoft!
extensions but not Frontpage does this mean we are still vulnerable?
I would look at the discussion in 'the vuln groups' but I don't know what or
where they are.
One other quick question our IP address starts 212.78. most attacks on us
also start 212.78. does this mean they are on the same farm as us or is
there some other reason? spoofing?

Thanks
Simon



_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security

References:
- [cobalt-security] Re: Code Red Special Effects (WAS: Hacking my Raq4i???)
  - From: Michael J. Cannon

Prev by Date: Re: [cobalt-security] RE: OT: Mail to Windows Admins (WAS: Hacking Hacking My RAQ4i)
Next by Date: RE: [cobalt-security] OT: Mail to Windows Admins (WAS: Hacking m y Raq4i???)
Previous by thread: [cobalt-security] Re: Code Red Special Effects (WAS: Hacking my Raq4i???)
Next by thread: Re: [cobalt-security] Re: Code Red Special Effects (WAS: Hacking my Raq4i???)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index