| Press F1 | ||||
| Thread ID: 10691 | 2001-08-07 00:15:00 | code red 2/3 | Guest (0) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 16604 | 2001-08-07 00:15:00 | Just a little something I picked up off www.grc.com this morning - 'It's somewhat surprising that nobody has yet used the Code Red fiasco as an analogy. Granted that the 3 'strains' seen so far have not as yet caused any widespread disruption of the Internet. However, as has been discussed elsewhere, a new 'strain' modified in the correct fashion could conceivably bring about mayhem. This worm is spreading because of laziness, ineptitude and lack of discipline. It should never have happened; the people responsible for the continued spread of Code Red are largely the people that are paid to administer their systems in such a manner that this kind of thing never gets to happen. These people are in a profession that should put them way above the much maligned home user. There has been enough publicity about CR and the patches and warnings have been around for weeks, so how come it's happening? How come corporate servers are left unpatched? How come servers maintained by trained and supposedly proficient people are crassly and embarrassingly open to infection and propagation? As I sit and watch the incredible number of probes to port 80, very few of which are down to home users, I cannot help but wonder at the irony regarding clueless 'home users'. The 'professionals' would appear to not be so hot at securing their systems themselves, and they are supposed to lead by example. If they can't even apply simple patches against a threat that is advertised weeks in advance, what hope is there of convincing poor old 'Joe Public' that he or she should take security seriously?' This is a message from the webmaster of a local @Home users group. His observations about the use of illegal servers on @Home accounts are telling; I would not have expected that to be so prevalent: Aug 3rd - Why the site isn't there (or is it?) I'm guessing that everyone with an @Home connection thinks this website is down right now. Fortunately, they're only 1/2 correct. The site is running, but traffic to it is being blocked by the datacenter that houses the server. Why? Because right now, @Home users' unprotected illegal servers are infected, producing enough traffic to saturate a pair of OC-3 fibers. And because of this, the datacenter had no choice but to block all traffic originating in @Home or RoadRunner IP ranges. The traffic alone (since their NT servers are inoculated, and the Linux servers are not susceptible) is enough to knock out a datacenter if left unchecked... I think this goes to show two things: 1) there's a lot of people running IIS in @Home residential accounts and 2) there's a lot of people who are NOT running virus scanners. Right now, I'm bouncing through a secure forwarding service to write this. Anyone who's not on an @Home or RoadRunner network will be able to get in fine.... but until traffic dies to a manageable level, everyone else is SOL. ____________ Webmaster, RBUA.ORG | Guest (0) | ||
| 16605 | 2001-08-07 01:39:00 | I like that grc.com site, reading about that DoS attack on his site was really interesting. | Guest (0) | ||