~~~~~~~Forum Diskusi Software dan Internet untuk Kristen-Katolik~~~~~~~ Sandmind / IIS Source : http://news.cnet.com/news/0-1003-200-5893631.html?tag=ch_mh http://www.idg.net/crd_idgsearch_2.html?url=http://www.nwfusion.com/news/200 1/0511wormhit.html Pada hari Kamis, 8.800 alamat internet diserang oleh worm sandmind / IIS. Worm ini menginfeksi server yang menjalankan sistem Sun Solaris dan menggunakan server yang terinfeksi untuk menyebarkan dirinya dan sekaligus menyerang server yang menggunakan sistem Microsoft IIS dengan mengganti halaman depan homepage server dengan pesan-pesan yang anti Amerika. Diduga kuat, kejadian ini erat kaitannya dengan perang hacker pro Amerika dan pro Cina. Sebenarnya worm menggunakan celah keamanan (security flaws) yang sudah lama diketahui dan sudah tersedia perbaikannya, namun karena diduga para webmaster tidak disiplin melakukan update sehingga kedua sistem di atas dapat diserang. In English Thousands of servers connected to the Internet have been compromised by a recently discovered worm, the Computer Emergency Response Team Coordination Center and security Web site Attrition.org said Thursday. "We've received reports from over 100 sites. These indicate that several thousand Web sites running (Microsoft's) [Internet Information Server] software were defaced and that over 200 Solaris machines were compromised," CERT Internet Security Analyst Chad Dougherty said. Attrition.org, which monitors Web site defacements, said in a statement that it has received a list with 8,836 IP addresses of systems that were hit by the "sadmind/IIS worm." Although Attrition.org could only confirm 405 defacements, specialists connected to the computer security Web site believe that all systems behind the addresses were compromised at one point or another. CERT, which issued a warning on the worm on Tuesday, said it is continuing to receive reports of both IIS and Solaris machines being struck by the worm. The organization, part of Pittsburgh's Carnegie Mellon University, advises systems administrators to check if the server software has been patched. The worm penetrates a server running Sun's Solaris operating system, taking advantage of a 2-year-old security flaw. The Solaris system is set up to scan the Internet for vulnerable IIS and Solaris servers. Anti-American Web pages are posted to vulnerable IIS systems, using a security hole that was uncovered seven months ago. Solaris servers are used by the worm to propagate itself. Software patches from Sun and Microsoft have long been available to fix the problems. However, the slew of defacements shows that not every Web site administrator is diligent in plugging security holes. regards, www.vaksin.com ------ Hemat Bandwith : Hapus pesan yang tidak perlu sebelum reply ------ SUBSCRIBE---> To: [EMAIL PROTECTED], Isi/Body: kosong UNSUBSCRIBE---> To: [EMAIL PROTECTED], Isi/Body: kosong Moderator: Ronny <[EMAIL PROTECTED]>, Alex <[EMAIL PROTECTED]> Web : http://hub.xc.org/cgi-bin/lyris.pl?enter=i-kan-software
