[Dshield] fighting back against CodeRed

security@admin.fulgan.com security at admin.fulgan.com
Tue Aug 7 14:34:46 GMT 2001


>> Lets take action to patch other folks machines


MR> Let us say for the sake of argument that one of these machines belongs to the 
MR> Pentagon...or similar.... I wouldn't like to explain to them what I'm doing 
MR> in their system.

MR> Similarly when the lawyers from MichaelMouse ISP come a  calling on behalf of 
MR> one of  their client who claims that you have damaged his system after the 
MR> "upgrade"  goes pearshaped and the box cannot be resurrected?

MR> putting aside these minor quibbles, it is, if not actually illegal, certainly 
MR> unethical. Tampering with other peoples kit is wrong.......full stop.

Not alone is it completely illegal to do so (remember: ANY use of some
else's network or computer without aproval is illegal), it is also
very dangerous.

Why ? Simply because the patching mechanism 1/ Won't remove the
trojaned explorer.exe all by itself: this requires a couple of reg key
writing and a reboot 2/ You need to force a reboot on a machine that
might be in the middle of an important transaction. Sure, transactions
are made to be rolled back, but it could still cause the loss of a lot
of time, hence money.

Good luck, Stephane

-- 
Best regards,
 security                            mailto:security at admin.fulgan.com




More information about the list mailing list