Code Red Worm advisory
Technomage
plug-discuss@lists.PLUG.phoenix.az.us
Sat, 21 Jul 2001 21:36:40 -0700
I did some checking (per the advisory) and it appears that
my cisco 678 is already running a patched cbos (ver 2.4.1) so I was
not affacted. Given this info, it is now clear that my service outage
was caused by hardware and human issues within qwest.
Technomage Hawke
Craig White wrote:
>
> which of course - appears in my web server logs and probably in most others
> web server logs as well. I was worried about what I had to do on my apache
> server but it appears that I need not do anything.
>
> I did find this little tidbit on Cisco...
> <http://www.cisco.com/warp/public/707/cisco-code-red-worm-pub.shtml>
> this explains the problems associated with this worm and the 600 series
> routers
>
> and of course those who are running IIS servers - they need to visit
> <http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security
> /bulletin/MS01-033.asp>
>
> I would call this the full employment program for tech/security consultants.
> I checked - just for fun and <http://www.whitehouse.gov> is up and running
> so apparently they have figured out a method for deflecting the DOS attacks.
> This exploit though is certain to reverberate for quite some time.
>
> It made my week a living hell.
>
> Craig
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
--
I will not be pushed, filed, stamped, indexed, briefed, debriefed, or
numbered!
My life is my own - No. 6