Yahoo - Code Red foreshadows evolution of cyber threats-experts
http://biz.yahoo.com/rf/010803/n0355024_2.html -- -- ____________________________________________________________________ Nature and Nature's laws lay hid in night: God said, "Let Tesla be", and all was light. B.A. Behrend The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------
On Sun, 5 Aug 2001, Jim Choate wrote:
I just love these reports! <quote> [the first] computer worm is believed to have been a program created in 1971 for air traffic controllers. Others followed in the 1980s at Xerox Corp.'s Palo Alto Research Center that were designed to post announcements and do heavy computing tasks at night when computers were idle. However, the worm experiments ended and a ``vaccine'' was written after one of the worms malfunctioned and crashed the systems. </quote> We have here yet another [new] definition of "worm" - any task that runs in the background... Jeeezzz! To top it off are the insane "damage estimates". 8 *B*illion dollars of damage??? In what universe? -- Yours, J.A. Terranson sysadmin@mfn.org If Governments really want us to behave like civilized human beings, they should give serious consideration towards setting a better example: Ruling by force, rather than consensus; the unrestrained application of unjust laws (which the victim-populations were never allowed input on in the first place); the State policy of justice only for the rich and elected; the intentional abuse and occassionally destruction of entire populations merely to distract an already apathetic and numb electorate... This type of demogoguery must surely wipe out the fascist United States as surely as it wiped out the fascist Union of Soviet Socialist Republics. The views expressed here are mine, and NOT those of my employers, associates, or others. Besides, if it *were* the opinion of all of those people, I doubt there would be a problem to bitch about in the first place... --------------------------------------------------------------------
Well, if "code red", most easily identified by buffer string 'N' is now gone, care to address the issue of what this 'X' version is? -- Mine was a 'W' for obvious reasons, but was never released openly... What say the fed/M$/etc to reality now? -- Aside from the fact that 'X' is propogating far quicker... and far noisier... ... Im not even gonna bother addressing the issue... not worth the effort. -Wilfred L. Guerin Wilfred@Cryogen.com At 07:32 PM 8/5/2001 -0500, you wrote:
http://biz.yahoo.com/rf/010803/n0355024_2.html --
-- ____________________________________________________________________
Nature and Nature's laws lay hid in night: God said, "Let Tesla be", and all was light.
B.A. Behrend
The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------
[ Re: Code-255RandomCharacters. ] Ok, Time to fix this correctly. Someone already upgraded the old one, at least 2 others have been released recently... I personally do NOT tolerate M$ products to do anything relevant in my environment, so if anyone can help us out by answering a few questions, we will have to fix M$ the hard way... First, does the IIS server have any auto-update mechanism, if so, is this dictated by a moronic registry value, variable setting, etc? If not, what is the quickest and most effective method to update (by hand and manual access) an IIS server installation? Are there any alternate methods than [this] to update the IIS server software? Other Suggestions? [ Yes, creation of exe on disk or in process, get of file from m$, and running of it with /autobullshit would work too. ] ... Now, for any competant individual on this planet, you would already realize that the intent now, if i feel like wasting time fixing the rest of the world's incompetance, is to generate a forceful update and force all of these foolish IIS servers to reinstall the newer version (with only a few less problems)... At the rate of ideal propogation, this security breach and hastle can be remedied in full in less than a week. I would strongly suggest an open petition of inquiry as to why msoft is so incapable of basic software design. In this regard, I see at least 8 totally independant mechanisms of completing this process, however, because I personally do not tolerate moronics, I will not personally create additional code until someone gives me a good reason to do so. Unless, of course, everyone continues to fail, I may waste the time, in which case i will need an individual in a politicly and logisticly neutral environment who has a simple modem, to instantiate the fix. Inversely, if everything fails, we eliminate the servers from operation. A far better solution. All I shall do is provide operational code, if so desired. Im not up for the bullshit that will result from other antics. So, anyone care to fix the world, or shall we all play incompetant sheep as always and give no heed to the potential benefits of doing something relevant or competant for once in our lives? I leave you with this... -Wilfred L. Guerin Wilfred@Cryogen.com ...
Being the whore that I am (actually, high priced call girl) I don't "not tolerate" anything. "Update" is an ambiguous word. One can download, from the Microsoft site, patches for damn near every piece of software that they sell or have sold in the recent past. Security patches (actually replacement files, not patches, for the most part) are a big favorite, though improved functionality is also popular. There are also third party products that can be bought. For instance, SecureIIS fixes known flaws and "fixes" buffer overflow exploits that haven't been found yet. (Yeah, it does what responsible programmers would have done in the first place.) Code-Red has not been successful against SecureIIS enhanced IIS. If there is some aspect not answered by this answer, feel free to ask a less ambiguous question. PHM -- Paul H. Merrill, MCNE, MCSE+I, CISSP PaulMerrill@ACM.Org "Wilfred L. Guerin" wrote:
[ Re: Code-255RandomCharacters. ]
Ok, Time to fix this correctly.
Someone already upgraded the old one, at least 2 others have been released recently...
I personally do NOT tolerate M$ products to do anything relevant in my environment, so if anyone can help us out by answering a few questions, we will have to fix M$ the hard way...
First, does the IIS server have any auto-update mechanism, if so, is this dictated by a moronic registry value, variable setting, etc?
If not, what is the quickest and most effective method to update (by hand and manual access) an IIS server installation?
Are there any alternate methods than [this] to update the IIS server software?
Other Suggestions?
[ Yes, creation of exe on disk or in process, get of file from m$, and running of it with /autobullshit would work too. ]
...
Now, for any competant individual on this planet, you would already realize that the intent now, if i feel like wasting time fixing the rest of the world's incompetance, is to generate a forceful update and force all of these foolish IIS servers to reinstall the newer version (with only a few less problems)...
At the rate of ideal propogation, this security breach and hastle can be remedied in full in less than a week. I would strongly suggest an open petition of inquiry as to why msoft is so incapable of basic software design.
In this regard, I see at least 8 totally independant mechanisms of completing this process, however, because I personally do not tolerate moronics, I will not personally create additional code until someone gives me a good reason to do so.
Unless, of course, everyone continues to fail, I may waste the time, in which case i will need an individual in a politicly and logisticly neutral environment who has a simple modem, to instantiate the fix.
Inversely, if everything fails, we eliminate the servers from operation. A far better solution.
All I shall do is provide operational code, if so desired. Im not up for the bullshit that will result from other antics.
So, anyone care to fix the world, or shall we all play incompetant sheep as always and give no heed to the potential benefits of doing something relevant or competant for once in our lives?
I leave you with this...
-Wilfred L. Guerin Wilfred@Cryogen.com
...
-- Paul H. Merrill, MCNE, MCSE+I, CISSP PaulMerrill@ACM.Org
participants (4)
-
Jim Choate -
measl@mfn.org -
Paul H. Merrill -
Wilfred L. Guerin