nanog mailing list archives
Anybody doing a "Code Green" for 1434?
From: "Stewart, William C (Bill), SALES" <billstewart () att com>
Date: Mon, 27 Jan 2003 00:35:19 -0500
Back when the Code Red worm came out, somebody wrote a program that responded to Code Red probes by using the same hole to break into the infected server and disable it. Is anybody doing that with this worm? Or does it step on the infected process too hard for that to work? Even if people don't want to run it on the open internet, due to concerns about appropriateness of reverse hacking, it might be useful for inside-the-firewall cleanup for corporations that get hit. Thanks; Bill Stewart, billstewart at att dot com bill.stewart at pobox dot com
Current thread:
- Anybody doing a "Code Green" for 1434? Stewart, William C (Bill), SALES (Jan 26)
- Re: Anybody doing a "Code Green" for 1434? Valdis . Kletnieks (Jan 26)
- Re: Anybody doing a "Code Green" for 1434? Brian Wallingford (Jan 26)
- RE: Anybody doing a "Code Green" for 1434? Phil Rosenthal (Jan 26)
- Is it time to block all Microsoft protocols in the core? Sean Donelan (Jan 27)
- Re: Is it time to block all Microsoft protocols in the core? Darren Pilgrim (Jan 27)
- Re: Is it time to block all Microsoft protocols in the core? Jack Bates (Jan 27)
- Re: Is it time to block all Microsoft protocols in the core? Rubens Kuhl Jr. (Jan 27)
- Re: Is it time to block all Microsoft protocols in the core? alex (Jan 27)
- Re: Is it time to block all Microsoft protocols in the core? E.B. Dreger (Jan 27)
- Re: Is it time to block all Microsoft protocols in the core? alex (Jan 27)
- RE: Anybody doing a "Code Green" for 1434? Phil Rosenthal (Jan 26)