CR worm infection attempts

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: John (EBo) David
Date:  
Subject: CR worm infection attempts
Digital Wokan wrote:
>
> It was my Apache access_log file. The only access to their system that
> I performed was to type in their IP in my browser to see if a website
> with contact info came up.


Ok... then you are clean. As much as I hate the idea of getting the FBI
or anyone involved, I hope the set something up that can track down
viruses, worms, zombies, etc., and inform people that they are
infected. That would be a godsend! If a regular person/company does it
they will be sued buy someone...

EBo --


> "John (EBo) David" wrote:
> >
> > Kim Allen wrote:
> > >
> > > I've been contacting the sites that my server logs shows that have been
> > > hitting me with the code red signature and so far no one has bothered to
> > > respond except for one. However that site has told me how secure they are
> > > and how there is no way that they have any problems. When I sent them the
> > > portions of my server logs showing they do have problem they threaten
> > > legal action. Anyone else have had this type of response?
> >
> > did you send them the server logs only or did you try telnetting to teir
> > port. As long as you did not try to gain access to their machine they
> > should not have a legal leg to stand on -- *you* are the one being
> > hacked and the finger points to them. I would tell them that if anyone
> > is going to sue anyone it will be you sueing them to get them to cleam
> > up their act. Theirs was a totally inappropriate response...
> >
> > My guess is that you talked to the sysadmin and they are under threat of
> > termination if the system becomes infected. I know of several sysadmin
> > positions that have that as a contract clause. I would be tempted to do
> > the following: contact the president/owner of the company and tell them
> > about your warm reception and explain that you did not want to make a
> > fuss you were informing them that your server is being attacked from
> > *their* machines, and if they are going to make threats then you would
> > be most happy to make a formal report/complaint to the special task
> > force in Arizona which deals with internet hacking, virus's and worms...