> With the above facts in place wouldn't be possible to, on 
> your server (i.e. the thing that's being attacked) :-
> 
> a) add an association for .ida to point to the coldfusion 
> engine.
> 
> b) create a default.ida in which one captures the remote 
> address of the system trying to do the exploit.
> 
> c) having grabbed the address do a cfhttp back to that 
> address using the backdoor created in code red V3 to disable 
> ( or maybe fix ) that system. I was going to attach the code 
> to do it but..................
> 
> Or is this totally unethical - love to hear your thoughts

I think that it would be wrong to compromise someone else's system, even for
ostensibly good goals.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

Reply via email to