[ale] CodeRed Popups?
Michael Smith
MSmith at webtonetech.com
Mon Aug 13 12:15:06 EDT 2001
Done that..... I couldn't get it to work... At least when I run smbclient
using the IP option...
Mike
-----Original Message-----
From: Jonathan Rickman [mailto:jonathan at xcorps.net]
To: ale at ale.org
Sent: Monday, August 13, 2001 12:10 PM
To: Robert L. Harris
Cc: Atlanta Linux Enthusiasts
Subject: Re: [ale] CodeRed Popups?
On Mon, 13 Aug 2001, Robert L. Harris wrote:
> Yes I'm getting scanned by CodeRed, surprise surprise. As a thought
> since I, to a degree, understand the ethics of the "can't shut their
> server down with the backdoor" argument, how about putting up an html
> page that issues a single "popup" window with big Flashing letters that
> says "You have been infected."...
>
> Not 500 pages, but if a server scans my box, just throws up a single
> message that they've been infected and lets them go their merry way.
>
> This for alot of headless machines won't do squat, but for those people
> running it at home on cablemodems and the like could even throw in a link
> to the patch.
>
> Based on the url it's scanning for and the nature of the servers, is
> this even possible? Anyone have any code that'll do this?
I suppose you could rig up something to send a WinPopup message back to the
box,
but I doubt it'd be worth the trouble. Ironically enough, you might run into
trouble getting past their firewall (if they have one) over NetBIOS.
--
Jonathan Rickman
X Corps Security
http://www.xcorps.net
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message
body.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list