North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Code Red 2 cleanup; reporting..
FWIW, I just tried to telnet to the 20 most recent hosts I got Code Red II probes from, and didn't get a shell prompt on any of them. Are people cleaning up their boxes that quickly? -C On Thu, Aug 09, 2001 at 02:19:19PM +0800, Mathias K?rber wrote: > > > Is there an effort abound that would allow for lists of verified 'Code > > Red 2' infected hosts to be reported for cleanup/mitigation? > > By known 'Code > > Red 2' infected hosts, I mean that root.exe has been found to exist on the > > host. > > > > Finding the contact information for a lot of these is proving difficult > > being that a fair amount of the infected machines are Joe Blow broadband > > customers. > > Publishing such lists is IMHO not a good idea, as these hosts are vulnerable and > publishing their addresses would only serve to let more crackers know where to > go.. > -- --------------------------- Christopher A. Woodfield firstname.lastname@example.org PGP Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB887618B