[Dshield] scans for MSADC bug?

Tod Beardsley todb at planb-security.net
Fri Nov 22 05:33:02 GMT 2002

Johannes Ullrich (Thursday, November 21, 2002, 7:48 PM) wrote:

> (and if you haven't patched your IIS servers, see if you have any
> odd outbound traffic going on).

Aside from it always being a good idea to keep up on vendor patches, is
there any reason that simply disabling the RDS junk wouldn't sufficiently
cover this particular exposure for IIS? I've been doing that since well
before Code Red, as I suspect (hope?) most IIS admins have since the
last go-around with RDS. Which was mid-1999... wow, it's been that long?


Tod Beardsley (GCIA, MCSE)
"It's okay to yell fire in a crowded theater
if the theater is actually on fire."

More information about the list mailing list