CR worm infection attempts

Digital Wokan plug-discuss@lists.PLUG.phoenix.az.us
Sun, 12 Aug 2001 17:58:22 -0400 

It was my Apache access_log file.  The only access to their system that
I performed was to type in their IP in my browser to see if a website
with contact info came up.

"John (EBo) David" wrote:
> 
> Kim Allen wrote:
> >
> > I've been contacting the sites that my server logs shows that have been
> > hitting me with the code red signature and so far no one has bothered to
> > respond except for one. However that site has told me how secure they are
> > and how there is no way that they have any problems. When I sent them the
> > portions of my server logs showing they do have problem they threaten
> > legal action. Anyone else have had this type of response?
> 
> did you send them the server logs only or did you try telnetting to teir
> port.  As long as you did not try to gain access to their machine they
> should not have a legal leg to stand on -- *you* are the one being
> hacked and the finger points to them.  I would tell them that if anyone
> is going to sue anyone it will be you sueing them to get them to cleam
> up their act.   Theirs was a totally inappropriate response...
> 
> My guess is that you talked to the sysadmin and they are under threat of
> termination if the system becomes infected.  I know of several sysadmin
> positions that have that as a contract clause.  I would be tempted to do
> the following: contact the president/owner of the company and tell them
> about your warm reception and explain that you did not want to make a
> fuss you were informing them that your server is being attacked from
> *their* machines, and if they are going to make threats then you would
> be most happy to make a formal report/complaint to the special task
> force in Arizona which deals with internet hacking, virus's and worms...
> 
>   EBo --
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
> 
> PLUG-discuss mailing list  -  PLUG-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss