[Gllug] nimda

[David Irvine]

Rev Simon Rumble wrote:

 >On Wed, Sep 19, 2001 at 12:23:30PM +0100, will uttered:
 >
 >>Sometimes I really do wish someone would write a worm that would take out
 >>the server completely (ie, wipe it). Mean?  possibly but then I think
 >>putting an unpatched windows server on the internet so 
worms/s-kiddies can
 >>use it to piss off all the other internet users is pretty mean and 
selfish
 >>too.  There are entries appearing in logs caused by code red!
 >>
 >
 >Perhaps some sort of highly visible "stick" for such net abuse (ie,
 >leaving your servers unpatched for a known vulnerability) needs to be
 >developed along the same lines as the MAPS et al RBL?
 >
 >A more vigilante approach would be to take the code of the current
 >worm and modify it to drop all external connections and place a big
 >notice on the screen.  Should get peoples' attention pretty quickly.
 >
I would prefer something built into a 5 and a bit sized drive bay which
LARTS the luser every time something like this happens, preferably  with
a clue  by four  modified to carry a few thousand volts, in  fact, just
blow up the computer as well, that way you don't just answer the problem
you solve it --  That user doesnt have  access to the net, he/she gets a
very sore head, and nobody  can access the net from that computer again.

David

 >
 >
 >Many of the servers here at work are STILL down from Nimba.  I've had
 >106 attempts at my (Apache on Linux) web server.  My (real IP) web
 >server (Apache) on my Win2K box here at work is also taking hits.
 >





-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug