Anybody doing a "Code Green" for 1434?
Brian Wallingford
brian at meganet.net
Mon Jan 27 06:42:00 UTC 2003
On Mon, 27 Jan 2003, Stewart, William C (Bill), SALES wrote:
:
:Back when the Code Red worm came out, somebody wrote a program
:that responded to Code Red probes by using the same hole to
:break into the infected server and disable it.
:Is anybody doing that with this worm?
I understand your point, but:
Wouldn't such a mechanism simply help to foster the laziness of those
whose machines helped propagate this issue (by delaying their awareness of
the problem and the need for their intervention)?
:Or does it step on the infected process too hard for that to work?
:
:Even if people don't want to run it on the open internet,
:due to concerns about appropriateness of reverse hacking,
:it might be useful for inside-the-firewall cleanup
:for corporations that get hit.
Might be. Let those inside worry about that (imho).
-brian
More information about the NANOG
mailing list