RE: [FW1] New worm on the road?

["enash" <enash@FW1-NOSPAMgte.net>]

Wow!!  calm down boy!  think you had a bit to much coffee.  Well from the way you make it sound you are one in depth guy huh.  well congrats on the idea of the resource that was so hard for the rest of us to think of.  Ill stay with my Unix machines and the open source community.  =)

 

 

 

-----Original Message-----
From: Chontzopoulos, Dimitris [mailto:dimitris.chontzopoulos@megatrust.gr]
Sent: Wednesday, September 26, 2001 11:39 AM
To: 'enash'
Subject: RE: [FW1] New worm on the road?

You don't have to install Unix in order to be virus-free... Just add a f****** resource and that will do it. Is it so hard to think of it??? I don't think so... It is just that the world is full of incompetent guys trying to install something without first knowing it in depth. That goes for FW-1 too. There are many-many-many-many-many incompetent guys trying to install it just by visiting Phoneboy.com first... IT A DAMN SHAME!!!

 

Kind Regards,




Dimitris Chontzopoulos
IS Administrator



Megatrust Securities S.A.
4, Kapsali Str.
Athens, Greece
Telephone : +3 01 7262403
Fax       : +3 01 7262095
e-mail    : dimitris.chontzopoulos@megatrust.gr

IT Help Desk Support : +3 01 7262400

DISCLAIMER
-----------------------------------------------------------------
- This message is intended only for the use of the person(s)    -
- ("Intended Recipient") to whom it is addressed. It may        -
- contain information, which is privileged and confidential.    -
- Accordingly any dissemination, distribution,copying or        -
- other use of this message or any of its content by any person -
- other than the Intended Recipient may constitute a breach of  -
- civil or criminal law and is strictly prohibited. If you are  -
- not the Intended Recipient, please contact the sender as soon -
- as possible.                                                  -
-----------------------------------------------------------------

-----Original Message-----
From: enash [mailto:enash@gte.net]
Sent: Tuesday, September 25, 2001 5:57 AM
To: Patrick Coomans; fw-1-mailinglist@beethoven.us.checkpoint.com
Subject: RE: [FW1] New worm on the road?

Well just to add my 2 cents.  I feel that if an administrator chooses to run a Microsoft web server.  Than he should make it part of his daily regiment that when he has his morning cup of coffee he sits down and reads the latest bug reports available on the web, including  checking the manufactures web sites for current patch releases.  There for if his server is ever infected again with anything like Nimba or code red style of worms then he can be held responsible.   The only thing I hate is the fact that every other second my web server is being hit with another "compromised IIS box's" .  Only if every admin in the world understood Unix.  If I were an NT admin I would go to the book store and pick up a book on Unix then convince the "brass" to switch. 

 

This is just my 2 cents some of you may not agree with me.  For those of you that don't, you just give others machines to compromise when they have 5 minutes to spare before heading out to dinner with their families.

 

Happy Virus Scans. =)

 

Shane Hambleton

Network Security Engineer

CCSA-CCSE-CCSI

 

 

 

-----Original Message-----
From: owner-fw-1-mailinglist@lists.us.checkpoint.com [mailto:owner-fw-1-mailinglist@lists.us.checkpoint.com]On Behalf Of Patrick Coomans
Sent: Monday, September 24, 2001 7:05 AM
To: fw-1-mailinglist@beethoven.us.checkpoint.com
Subject: Re: [FW1] New worm on the road?

Just an idea, but why not create a public blacklist with "persistent" unpatched web servers who re-propagate the Code Red and Nimda-style of worms over and over again  -  style orbs.org ??

 

Then all ISP's could use this blacklist to block all outgoing http from those servers.

 

Maybe this already exists and I am not aware of it.

 

 

Patrick

Happy Apache-user