Possible attack; opinions wanted
Bill Horne
bill at horne.net
Thu Jul 18 10:21:41 EDT 2002
----- Original Message -----
From: "Jim Long" <jimlong at engineer.com>
To: <discuss at blu.org>
Sent: Thursday, July 18, 2002 9:52 AM
Subject: Re: Possible attack; opinions wanted
> Bill Horne said:
> > Since the introduction of the Code
> > Red/Nimda/whatever IIS worms, I've seen these
> > scrolling through my logs pretty regularly
> > ....Pretty harmless as long as you're not running IIS,
Sorry, someone else said that.
> The patches for IIS have been available for about a year.
> IIS is pretty secure as long as you keep up with the
> patches and practice good systems administration like
> only allowing necessary ports through the firewall and
> removing unnecessary services from the server.
The problem is that every small business owner who wants to be "on the web"
is trying to set up NT/W2K by themselves. It may even enable IIS by default:
since the site that was sending to me didn't even have a default web page, I
suspect they didn't even know it was running.
Keeping up with M$ patches can cause more problems then it solves, i.e.,
when I installed the cumulative patch for IE 5 on the Windows partition of
my home machine, it broke Netscape.
Bill "Now, if I can just get my wife to use Linux ..." Horne
More information about the Discuss
mailing list