|
Security Incidents
mailing list archives
Re: Large ISP response to Code Red?
From: Blake Frantz <blake () mc net>
Date: Tue, 31 Jul 2001 10:10:35 -0500
Anything in particular that you have in mind for an SP to do 'to prevent
an
even worse reinfection phase' which is specific to Code Red? It's
probably
I downloaded the RedCode Scanner from eEye at
http://www.eeye.com/html/Research/Tools/codered.html
scanned our IP space (dial-ups included), contacted (by phone) the admins of
the vulnerable servers, and emailed them the step by step instruction on how
to patch their servers (which can be found here) :
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutio
ns/security/topics/codeptch.asp
Additionally, rules have been added to our IDS to detect RedCode activity.
Blake Frantz A+, CNA, CCNA, MCSE
Network Security Analyst
mc.net
720 Industrial Drive #121
Cary, IL 60013
phn: (847)-594-5111 x5734
fax: (847)-639-0097
mailto:blake () mc net
http://www.mc.net
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
 By Date 
By Thread
Current thread:
- RE: Large ISP response to Code Red?, (continued)
|
Intro
