[rescue] Re: New worm?
BSD Bob the old greybeard BSD freak
rescue at sunhelp.org
Thu Sep 20 15:02:52 CDT 2001
> What does a nimda-infected machine _do_ with the files it requests from a
> server? Infect them and send 'em back? Run 'em?
AFIK.
> Any chance of setting up a "honeypot" that, unlike the LaBrea program
> already mentioned, actually honors the "GET" and feeds the requestor
> something that will blow it up?
Lessee... send back a script with an rm -fr and let 'er rip!
There are rm.exe's patterned after the UNIX equivalent, that
I use on my dos boxes and PUKE winblows NT crate. It is amazing
what a few good UNIX tools will do on a winblows box.
Nah, not good nettiquette to suggest such responses.......... yet!
Bob
More information about the rescue
mailing list