[Dshield] Re.: Shell-Autoresponder for Apache
jochen at erwied.de
Wed Nov 14 06:41:49 GMT 2001
On Tue, Nov 13, 2001 at 05:48:59PM -0500, Johannes B. Ullrich wrote:
> Using this script may be considered illegal. I am not a lawyer, so
> please contact yours if you are in doubt. I did allow it to the list as
> this list is supposed to be as unfiltered as long as posts are not
> redundant and security related. The script claims to pop up a dialog box
> and display a warning message on nimda infected PCs. This message
> identifies the writer of the script, which is another reason for me to
> believe that there is no malicious intent in using this script.
Some points to take into account:
- The machine which gets the popup is already infected.
So I think, it's better to get a message box instead of some other
- Most people do not seem to know anything about the infection.
- The script can be seen as an exploit. But I personally don't think it
should be considered destructive.
- To put it in other words: If you leave the door open, don't wonder if
you have unwanted visitors.
I already had two responses to this script, both were very surprised what
Jochen Erwied | home: jochen at erwied.de +49-208-38800-18, FAX: -19
Sauerbruchstr. 17 | work: joe at mbs-software.de +49-2151-7294-24, FAX: -50
D-45470 Muelheim | this place is for rent. contact me for details!
More information about the list