[Gllug] Code Red Strikeback
David Irvine
co2cool at yahoo.com
Sat Aug 11 14:10:18 UTC 2001
Stig Brautaset wrote:
> * Martin Ling <martin at pkl.net> spake thus:
>
>>If you haven't seen it on NTK already;
>>
>>http://www.dasbistro.com/default.ida
>>
>>Download the script and put it on your Apache servers.
>>
>
> There was a big argument on the debian-user-list about this; many people
> argued that even just popping a message to the user saying that his/hers
> machine was infected would be illegal -- but then again, I guess the
> majority of the people on that list is from the US...
>
> Regards, Stig
>
>
The other way you could do this is to write a program that runs on port
80 of your machine, when a connection is established, you dont
disconnect the client, that way the iis machine connected to your
machine, this script then issues the command to shut down the machine
via an outgoing connection, however the client is still connected to
your machine via the original connection. You shut down the iis machine
and it disconnects from yours.
The reason I say this is because you can then argue you are running a
service called 'Super Auto Shutdown' (Be careful if you do this M$ may
try to patent it as an inbuilt 'feature') which when connected to shuts
down the machine.
At the end of they day the iis machine 'asked' to be shut down and as a
result was.
I don't know if it would stand up in court but hey, it works for me.
/David
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list