Date: Sun, 19 Aug 2001 00:30:50 -0400 (EDT) From: Jim Durham <durham@w2xo.pgh.pa.us> To: <freebsd-security@freebsd.org> Subject: Code Red is from default setup Message-ID: <Pine.BSF.4.33.0108190020340.1238-100000@jimslaptop.int>
next in thread | raw e-mail | index | archive | help
My friends who have to deal with M$ server things tell me that the default setup for Win2k server is that the IIS server is installed. This means that a clueless person installing Win2k server is probably not going to uncheck the little box that says to install it. So, there is this lovely little IIS server sitting there just waiting to be infrected by Code Red. I have tried doing an HTTP connect to perhaps 20 IP addresses collected from "Code Red" attempts on my web server and they *all* report "This page under construction". I believe these are web servers that are running unknown to their owners. If this is the case, then they are *not* going to patch their IIS servers because they probably don't know they have them, and this silliness is going to keep right on going 8-(. One downside of this is that ISPs are starting to block port 80 in an attempt to kill the bug and those of us who have had the ability to run web service on our home DSL or cable services are probably going to lose that ability. Thanks, Bill.... -Jim Durham To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.33.0108190020340.1238-100000>