[unisog] Cost of the worm......

Gary Flynn flynngn at jmu.edu
Fri Aug 10 13:02:20 GMT 2001


Paul L Schmehl wrote:
> 
> Hallelujah!!!
> 
> Maybe now folks will get a clue and start patching.  Or the clueful will
> take the clueless out back and beat them senseless. :-)

Assuming their AUP doesn't prohibit servers, this is another example 
of the innocent being punished because of the actions of the guilty.
The guilty who released the worm and the guilty who don't maintain
their computers.

I think CodeRed in its present form should be called "evolve". I find 
myself sometimes wishing that someone would release "die" or "extinct"
for those servers that still aren't patched after weeks of high profile
media coverage.

> --On Thursday, August 09, 2001 10:26 AM -0400 "Fred A. Miller"
> <fm at cupserv.org> wrote:
> 
> > Cost of the worm
> >
> > "In a move unsurprising to those of us who have had interactions with
> > their
> > so-called customer support, AT&T Broadband and Excite at Home are
> > indefinitely filtering all incoming traffic on http port 80 for
> > residential customers. They could have cut access to those running
> > compromised servers, but instead chose to deny the ability to run a web
> > server to all subscribers to their service. DSL anyone?" DSL won't save
> > you. Verizon is apparently also blocking port 80 for their DSL
> > customers, in addition to blocking outgoing port 25 and requiring use of
> > Verizon's SMTP servers to send email."
> >
> > http://slashdot.org/articles/01/08/09/0323208.shtml
> >
> > --
> > ----/ /  _                    Fred A. Miller
> > ---/ /  (_)__  __ ____  __    Systems Administrator
> > --/ /__/ / _ \/ // /\ \/ /    Cornell Univ. Press Services
> > -/____/_/_//_/\_,_/ /_/\_\    fm at cupserv.org
> 
> Paul L. Schmehl, pauls at utdallas.edu
> http://www.utdallas.edu/~pauls/
> Supervisor, Support Services
> The University of Texas at Dallas
> AVIEN Founding Member


-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/info-security/engineering/runsafe.shtml



More information about the unisog mailing list