nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Code Red 2 cleanup; reporting..

From: Andrew McNamara <andrewm () connect com au>
Date: Thu, 09 Aug 2001 17:40:57 +1000


   Yes, I think that your observation is obvious.. publishing lists of
infected hosts is a bad idea.     My question was asking if there was an
unofficial mitigation process to notify the end-use and/or the providers
involved for clean-up efforts.


I'm not sure if this is what you are asking for, but SecurityFocus is
operating a Code Red notification service:

Date: Sun, 5 Aug 2001 10:50:22 -0600
To: bugtraq () securityfocus com
From: aleph1 () securityfocus com
Subject: Infection Notification
--------

If you'd like to help us notify users they are infected please send
offending IP data to aris-report () securityfocus com. Please use the
following format:

IP ADDRESS DATE/TIME WITH TIMEZONE

Or something similar to this. Please ensure the information is
constrained to IP address and date per line as we do our notification
automatically and our systems need to be able to understand the
data you send us.

-- 
Elias Levy
SecurityFocus.com
http://www.securityfocus.com/
Si vis pacem, para bellum


 ---
Andrew McNamara (System Architect)

connect.com.au Pty Ltd
Lvl 3, 213 Miller St, North Sydney, NSW 2060, Australia
Phone: +61 2 9409 2117, Fax: +61 2 9409 2111
Previous By Date Next
Previous By Thread Next

Current thread: