Yes, but if they don't know they have code red and there machine is
unpatched, I would imagine the admin is some home user that got a cd from of
nt server and doesn't have a clue how to properly configure and secure there
box. So for the people that are still infected they have every service
known to man running and probably won't even know what to do to correct the
situation, once notified! Now because of these morons we can't run a small
personal web site, since all high speed connections will start to shut down
incoming port 80. So far mine is still up, but not sure for how much longer
since my logs have tons of cable users requesting default.ida!
Syntax : net send xxx.xxx.xxx.xxx "some msg here"
Rich
> -----Original Message-----
> From: Dave Watts [mailto:[EMAIL PROTECTED]]
> Sent: Monday, August 13, 2001 2:29 PM
> To: CF-Talk
> Subject: RE: Total Fix For Code Red
>
>
> > With a net send you only need the ip address and it will
> > pop-up an alert box on the infected machine, no reverse dns,
> > no guessing admin emails. The only thing is that someone has
> > to look at the screen to see the message.
>
> This assumes a couple of things. First, that the target machine is
> accessible via Windows Networking (NetBIOS over TCP/IP) and
> second, that the
> Messenger service is running on the target machine, and
> finally, that you
> have rights to connect via Windows Networking and send the message.
>
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
> voice: (202) 797-5496
> fax: (202) 797-5444
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
