Hi All!
I had to unsubscribe for a little while due to the volume but did want to
follow up on the Code Red catcher script. Anyone wanting a new copy of the
script, please email me directly. I made a gob of changes to the original
code, slimming it down some and improving the lookups just a bit.
What I DIDN'T expect was the reporting of over 100 Code Red attack reports
per day. My word!! Obviously, the problem is STILL ongoing and far worse
than has been reported in the news.
Mind you, I run a teeny-tiny, no-great-shakes, niche-ISP business. We're
hardly mentioned in search engines and due to the type of data mining and
collation we do, we're also hardly interesting. This leads me to believe
that Code Red is still rampant and hungrily devouring as much of the 'net's
bandwidth as it can grab from as many locations as it can. Those large
ISP's serving millions of hits a day (as opposed to our meager 20 million a
month) must be suffering!
Never have I been so grateful for Linux, Apache, and PHP. Having a little
door-guard watching the fort written in a language all-but immune to the
attacks has certainly opened my eyes and made me aware that even still, many
people on the net are completely irresponsible about their updates and their
security.
I won't lay the blame entirely at Microsoft for leaving such inexcusably
wide holes in products destined for interaction with the Web, but I'll
certainly lay a god bit of it on those who insist on using M$ software,
putting it directly on the net with no firewall and no updates. Putting the
PHP Code Red detector script online has really shown me how bad the problem
really is...and STILL is!
Bottom line, Hooray for PHP and Hooray for Apache... what a great
combination!
Best regards,
Bill
<http://www.>
