Luke

Bollocks.What to do???????? Saw
FBI talking about it just now,this is getting well out of order!!!

Nexuas

??????????

News to me more info please, or I will just sit here and panic.

RJP

ChrisB

Nothing to worry about unless you are a Sys Admin responsible for web servers running IIS. Some of the hype has got out of hand (http://www.theregister.co.uk/content/4/20719.html) IMO.

If you are a Sys Admin, then you'll be sleeping easy as your server is fully patched up. It is, isn't it...?

Rebecca

I take it then that SdB is aware that Scoobynet was brought down by this worm a week or so back ?

Markus

Pretty sure that,

a) Simon knows about Code Red, and;

b) Has patched the server with the appropriate fixes.

Think that there were a few threads about this when the hack occured to the scoobynet server.

AlexM

RedAlert has already visited Scoobynet two-ish weeks ago. I presume Simon has patched Scoobynet HQ's servers so it shouldn't happen again..

It always amazes me how slow most of sysadmins are in applying patches - sometimes months or even never. To some extent they are getting what they deserve..

Cheers,

Alex

Markus

the joys of having a Apple Mac Web Server

Anyway, sod 'code red' Sircam is a right bast! the pc's here have got it and my nice little email support system has got 300 odd messages to it, all with nice little attachments containing sensitive data there are some right sick little gits out there.

thankfully my mac can't be infected, but I can pass it on though

ChrisB

Windows Update now incorporates the security hotfixes for IIS so it's not even hard to check if you are missing any.

ChrisB.

mutant_matt

<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by AlexM:
<B>To some extent they are getting what they deserve..[/quote]

But there are *so* many holes in IIS (both discovered and to be discovered ), coming out all the time, you can't blame the sysadmins for not being up to date - that's almost a full time job in iteself

Matt

ChrisB

<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by mutant_matt:
<B> But there are *so* many holes in IIS (both discovered and to be discovered ), coming out all the time, you can't blame the sysadmins for not being up to date - that's almost a full time job in iteself

Matt [/quote]


I'd be the first to agree patching IIS several times a month is a grade A pain in the ****.

However, the tools are available to take the hassle out of this. For instance, MS released the free IIS Hotfix check script which will see if you are missing any hotfixes by comparing your server to a master list on the MS website.

We've modified this to send e-mails to our Support team with an alert that a Hotfix is missing.

Yours for a beer or two...

There are also two or three very useful checklists on the Internet for securing public IIS servers against attack.

ChrisB.

Puff The Magic Wagon!

iTrader: (2)

Well this bloody patch has caused me problems

Loaded onto W2K Server with SP2 running SQL Server 7.0 with SP3

Rebooted & now got a corrupted dll & can't run up SQL at all

Don't you just love Microsoft



(P'd off & hot)

mark.coleman

Another warning on this, If you've run up a default NT install, this will install IIS.

Also anyone using Exchange server, with webmail access, which uses the IIS for connectivity is vulnerable, unless of course you're behind a tight firewall.

Mark

Puff The Magic Wagon!

iTrader: (2)

Doh! Thanks Mark - make my day

lcha

Red code patch. What a nightmare. Especially if you have 100+ servers in one location.

cheers
Lee

ChristianR

iTrader: (1)

the patch has been out for over a month!! it is just that network operators have got lazy!!!!

The red alert virus has been out for roughly 2.5weeks