Anybody doing a "Code Green" for 1434?

• Previous message (by thread): UDP/1434 --- request for raw data and/or logs
• Next message (by thread): Anybody doing a "Code Green" for 1434?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Back when the Code Red worm came out, somebody wrote a program
that responded to Code Red probes by using the same hole to
break into the infected server and disable it.
Is anybody doing that with this worm?
Or does it step on the infected process too hard for that to work?

Even if people don't want to run it on the open internet,
due to concerns about appropriateness of reverse hacking,
it might be useful for inside-the-firewall cleanup 
for corporations that get hit.

	Thanks;  Bill Stewart, billstewart at att dot com
			bill.stewart at pobox dot com

• Previous message (by thread): UDP/1434 --- request for raw data and/or logs
• Next message (by thread): Anybody doing a "Code Green" for 1434?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]