Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

CODE RED WORM !! Fix your IIS !!

1 view
Skip to first unread message

and...@daviel.org

unread,
Jul 19, 2001, 8:45:03 PM7/19/01
to
[ This is a repost of the following article: ]
[ From: and...@daviel.org ]
[ Subject: CODE RED WORM !! Fix your IIS !! ]
[ Newsgroups: comp.infosystems.www.servers.ms-windows ]
[ Message-ID: <58L57.14697$h8.2...@news1.rdc1.bc.home.com> ]

There is an extremely serious Internet Worm going around. Many @Home users are infected.
This is not bulls*t.

The worm infects unpatched Microsoft IIS servers on port 80

See http://incidents.org/diary/diary.php

Fix IIS
http://www.microsoft.com/technet/security/bulletin/MS01-033.asp

--
Andrew Daviel
http://huzizit.com - transferable ID for your stuff


--
Andrew Daviel
http://huzizit.com - transferable ID for your stuff

Miguel Cruz

unread,
Jul 20, 2001, 12:38:27 AM7/20/01
to
In article <jaL57.14710$h8.2...@news1.rdc1.bc.home.com>,

<and...@daviel.org> wrote:
> [ This is a repost of the following article: ]
> [ From: and...@daviel.org ]
> [ Subject: CODE RED WORM !! Fix your IIS !! ]
> [ Newsgroups: comp.infosystems.www.servers.ms-windows ]
> [ Message-ID: <58L57.14697$h8.2...@news1.rdc1.bc.home.com> ]
>
> There is an extremely serious Internet Worm going around. Many @Home users
> are infected. This is not bulls*t.
>
> The worm infects unpatched Microsoft IIS servers on port 80
>
> See http://incidents.org/diary/diary.php
>
> Fix IIS
> http://www.microsoft.com/technet/security/bulletin/MS01-033.asp

Apparently 200,000 systems have already been infected by this.

miguel

John Groseclose

unread,
Jul 21, 2001, 1:33:36 PM7/21/01
to
In article <jaL57.14710$h8.2...@news1.rdc1.bc.home.com>,
<and...@daviel.org> wrote:

> There is an extremely serious Internet Worm going around. Many @Home users
> are infected.
> This is not bulls*t.

How are @Home users being infected by this? @Home's AUP specifically
states that you're not allowed to run a server via their connection...

--
Express your Epinion! http://caradoc.epinions.com/welcome.html?member=caradoc
Drink Coca-Cola? Read: http://www.guerrillanews.com/cocakarma/

Hywel Jenkins

unread,
Jul 21, 2001, 5:33:28 PM7/21/01
to
In article <210720011033360622%ia...@caradoc.org>, "John Groseclose"
<ia...@caradoc.org> wrote:


> In article <jaL57.14710$h8.2...@news1.rdc1.bc.home.com>,
> <and...@daviel.org> wrote:
>
>> There is an extremely serious Internet Worm going around. Many @Home
>> users are infected.
>> This is not bulls*t.
> How are @Home users being infected by this? @Home's AUP specifically
> states that you're not allowed to run a server via their connection...

Surely they only prevent users from running publicly accessible servers
over the connection? I doubt they'd clamp down on web developers that
are using @Home while running Apache or IIS to do the development.

John Groseclose

unread,
Jul 21, 2001, 7:02:09 PM7/21/01
to
In article <20010721.223327...@localhost.localdomain>,
Hywel Jenkins <hywelj...@hotmail.com> wrote:

> Surely they only prevent users from running publicly accessible servers
> over the connection? I doubt they'd clamp down on web developers that
> are using @Home while running Apache or IIS to do the development.

Maybe. But if I were doing development at home, I probably wouldn't
leave the port open to the outside world - I'd probably be doing the
development on a server that only listens to my internal network/LAN
instead of the entire world.

Of course, with five machines here, I'm not exactly your average home
user, either.

--
bi...@caradoc.org is a spamtrap - please don't copy postings via e-mail

Samuel Hughes

unread,
Jul 25, 2001, 2:18:32 PM7/25/01
to

> The worm infects unpatched Microsoft IIS servers on port 80
>

<zealot type="linux">
That's right, go to http://www.linux.com/ to read more about the fix.
</zealot>

(sorry, couldn't help myself)

0 new messages