[Gllug] Code Red Strikeback
Vincent AE Scott
vince at codex.net
Sat Aug 11 22:09:21 UTC 2001
On Sat, 11 Aug 2001, David Irvine wrote:
> Stig Brautaset wrote:
> > * Martin Ling <martin at pkl.net> spake thus:
> >
> >>If you haven't seen it on NTK already;
> >>
> >>http://www.dasbistro.com/default.ida
> >>
> >>Download the script and put it on your Apache servers.
> >>
> >
> > There was a big argument on the debian-user-list about this; many people
> > argued that even just popping a message to the user saying that his/hers
> > machine was infected would be illegal -- but then again, I guess the
> > majority of the people on that list is from the US...
> >
> > Regards, Stig
> >
> >
>
> The other way you could do this is to write a program that runs on port
> 80 of your machine, when a connection is established, you dont
> disconnect the client, that way the iis machine connected to your
> machine, this script then issues the command to shut down the machine
> via an outgoing connection, however the client is still connected to
> your machine via the original connection. You shut down the iis machine
> and it disconnects from yours.
exactly how is this going to work?
the far end connevts to you from <some random port> to your machine on
<80>. you cant just talk back along his connection and end up connected
to the web server's port.
-vince
p.s. hal could be taking its toll on me, and in the cold light of day i'll
realise what a ghastly mistake i've made.
--
PGP key: http://codex.net/pgp/pgp.asc
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list