OT - Shrapnel Games server hit by Code Red?!?

[Lerchey]

Just as an FYI, if you are fully patched against Code Red (v1) on your IIS server, you won't be infected by the subsequent Versions. The new Versions have changed the signature (so an intrusion detection system "IDS" won't see it via the same ruleset that spotted the original) and one of them now installs a back door on your machine. You can get specific details at www.sans.org.

Thus, if Code Red didn't kill shrapnel's server, Code Red II and III won't either.

Richard, good job applying the patch before you got nailed, even if the cure still caused pain.

Col. John

[Lerchey]

DMM,

The biggest problem with taking any measures against worm creators, etc., is finding them. It's relatively easy to determine contact info for someone who got infected, and thus, subsequently attacked you; but that is typically a clueless user who knows nothing about security, and should not be held to a very high level of responsibility.

If the geeks that wrote Code Red can be found, they should be tortured to death, slowly, and with intense pain, over a long period of time, televised live around the world. That is the only kind of message (IMHO) which will stop this nonsense.



Col. John

[geoschmo]

quote:

---

Originally posted by dmm:
Anybody care to propose a solution (no matter how draconian) to the hacker problem?

---

My sentance would be one day of incarceration. Seem too lenient? Well, does it help that it would be in the general population at a real pennitentary?

24 hours with some real criminals would teach the little punkettes to stay on the straight and narrow, if they made it out alive. At the very least they would have trouble sitting for a while, and that would make it kind of hard to get back to work at the old computer.

MUHHAHAHAHAHAHAHA!

Geo