RE: [FW1] New worm on the road?

[enash]

Well just to add my 2 cents.  I feel that if an administrator chooses to run a Microsoft web server.  Than he should make it part of his daily regiment that when he has his morning cup of coffee he sits down and reads the latest bug reports available on the web, including  checking the manufactures web sites for current patch releases.  There for if his server is ever infected again with anything like Nimba or code red style of worms then he can be held responsible.   The only thing I hate is the fact that every other second my web server is being hit with another "compromised IIS box's" .  Only if every admin in the world understood Unix.  If I were an NT admin I would go to the book store and pick up a book on Unix then convince the "brass" to switch.    This is just my 2 cents some of you may not agree with me.  For those of you that don't, you just give others machines to compromise when they have 5 minutes to spare before heading out to dinner with their families.   Happy Virus Scans. =)   Shane Hambleton Network Security Engineer CCSA-CCSE-CCSI       -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Patrick Coomans Sent: Monday, September 24, 2001 7:05 AM To: [EMAIL PROTECTED] Subject: Re: [FW1] New worm on the road? Just an idea, but why not create a public blacklist with "persistent" unpatched web servers who re-propagate the Code Red and Nimda-style of worms over and over again  -  style orbs.org ??   Then all ISP's could use this blacklist to block all outgoing http from those servers.   Maybe this already exists and I am not aware of it.     Patrick Happy Apache-user