[rescue] New worm?
Greg A. Woods
rescue at sunhelp.org
Wed Sep 19 23:29:35 CDT 2001
[ On Wednesday, September 19, 2001 at 23:40:28 (-0400), Patrick Giagnocavo wrote: ]
> Subject: Re: [rescue] New worm?
>
> just for fun, I grepped for "default.ida", you know, the code red worm
> that everyone knew about say a month ago? 5 hits since yesterday on one
> machine, 10 on another.
Yeah, I have 12 CodeRed hits since yesterday too, from 6 unique
hosts....
I don't know why these virus/trojan/worm writers don't just write a
really good one that totally obliterates ever M$ server into the ground
and be done with it. Even the "default.ida" bug could have been used to
leverage into some other bug that provided more privilege. There's
probably even some way to nuke a Windoze machine in such a way that it
can't even be re-installed (and I'm not even thinking of nasty stuff
like zapping the BIOS FlashRAM or anything! ;-). I know -- reinstall
FreeBSD on it from the network! ;-)
(Yah know I didn't know until just a day or so ago that "Code Red(tm)"
is a Mountain Dew slogan! I saw it on a poster when I was driving by a
7-11 the other day! It's kinda funny here in Canada though, given that
the Dew has no caffeine in it here! ;-)
--
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods at acm.org> <woods at robohack.ca>
Planix, Inc. <woods at planix.com>; Secrets of the Weird <woods at weird.com>
More information about the rescue
mailing list