[TriLUG] More code red data

Donald Ball balld at webslingerZ.com
Fri Aug 10 08:58:08 EDT 2001


On Fri, 10 Aug 2001 RobbyD at bops.com wrote:

> Since I run a webserver also, I'd second Mike's response. My weblogs show a
> few thousand 404 errors and the such, but I don't think you can do much that
> they're already doing to fix the problem.

they _could_ sniff the network for code red attacks, kill the network
service for all infected computers, and point aggrieved customers to the
patch. that would be a bit heavy-handed, but definitely legit under item
6c of the terms and conditions (http://www.nc.rr.com/rr/terms.htm).

> The 802.11b security flaw mentioned yesterday on Slashdot was interesting, I
> hope that made it into the meeting last night on security in one form or
> another (i.e. don't assume the link layer offers security, even more so with
> wireless technologies). Good reason to start using DMZs and SSH/SSL
> tunneling.

my motto - always assume you're being sniffed. use WEP, but don't trust
it. use access control based on ethernet address too, but don't trust that
either.

- donald




More information about the TriLUG mailing list