No, I have reinstalled the patch several times now. I have not needed to
add any additional software to my machine other the yesterday afternoon with
IIS Secure.
Steve
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Michael Abbott
Sent: August 7, 2001 6:46 AM
To: [EMAIL PROTECTED]
Subject: RE: [imail] Code Red II
Steve,
Is it possible that after you applied the demo version of IIS Secure or some
other change to your machine you failed to reapply the patch. I believe
that many patches as well as service packs must be reapplied after an
upgrade or change.
Mike
---------- Original Message ----------------------------------
From: "Steve Polyak" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Date: Tue, 7 Aug 2001 06:24:36 -0600
>I have been hit too with a version of Code Red and I have the patch, I have
>tested that I am safe using the Norton Code Red test and have also
installed
>the demo version of IIS Secure and I am still having my websites shutdown.
>I am only usually having web services stopping not the ftp services and it
>takes either shortly after a reboot occurs to 2 hours before the failure.
>This only started on Friday with it getting worse during the weekend. I
had
>installed the Microsoft patch at the beginning of the last attack. I have
>even removed the .ida filter and my NT events logs are still recording
>
>"The server failed to close to the following client connection during
>shutdown: URL='default.ida'"
>
>I am right now trying to move everything across to our secondary server so
I
>can rebuild the infected one. Has anyone else come across the same
problem?
>
>Steve
>
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>Rasmus Aaen
>Sent: August 7, 2001 6:13 AM
>To: '[EMAIL PROTECTED]'
>Subject: RE: [imail] Code Red II
>
>
>It's the same patch... Please Read about it on http://www.eeeye.com
>
>>From http://www.eeye.com/html/Research/Advisories/AL20010804.html:
>
>[snip]
>The fix that has been talked about for Code Red is still the same fix
>for this new worm. INSTALL THE MICROSOFT SECURITY PATCH:
>http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
>ity/bulletin/MS01-033.asp
>
>[/snip]
>
>/Rasmus
>
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
>mustafa
>Sent: 7. august 2001 14:58
>To: [EMAIL PROTECTED]
>Subject: Re: [imail] Code Red II
>
>
>This is a new version of Code Red Worm not the old one I got this patch
>
>Please Read about it on http://www.eeeye.com
>
>Regards
>Mustafa
>
>----- Original Message -----
>From: "Archer Koch (Win & Ware)" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Tuesday, August 07, 2001 1:51 PM
>Subject: RE: [imail] Code Red II
>
>
>> Start here:
>>
>>
>http://microsoft.com/technet/treeview/default.asp?url=/technet/itsolutio
>> ns/security/topics/codealrt.asp
>>
>> -----Original Message-----
>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
>> mustafa
>> Sent: Tuesday, August 07, 2001 5:43 AM
>> To: [EMAIL PROTECTED]
>> Subject: [imail] Code Red II
>>
>>
>> We were hacked by Code Red II virus please advice
>>
>> mustafa
>>
>>
>>
>>
>>
>> ______________________________________________________________________
>> The HKSI-IMail Admin List is hosted by........ Humankind Systems, Inc.
>> Questions, Comments or Complain like Hell.. mailto:[EMAIL PROTECTED]
>> Message Archive... http://www.tallylist.com/archives/index.cfm/mlist.4
>> To Manage your Subscription......... http://humankindsystems.com/lists
>>
>
>
>
>
>
>************************************************************************
>*************
>The contents of this email and any attachments are confidential. It is
>intended for the named recipient(s) only. If you have received this
>email
>in error please notify the system manager or the sender immediately and
>
>do not disclose the contents to any one or make copies.
>************************************************************************
>*************
>PALTEL E-Safety System scanned this email and found NO viruses,
>vandals or malicious content.
>************************************************************************
>*************
>Should you need any information or clarifications regarding this system,
>
>please do not hesitate to contact our team at the Internet Project
><[EMAIL PROTECTED]>.
>************************************************************************
>*************
>
>
>
>
>______________________________________________________________________
>The HKSI-IMail Admin List is hosted by........ Humankind Systems, Inc.
>Questions, Comments or Complain like Hell.. mailto:[EMAIL PROTECTED]
>Message Archive... http://www.tallylist.com/archives/index.cfm/mlist.4
>To Manage your Subscription......... http://humankindsystems.com/lists
>
>
>
>
>______________________________________________________________________
>The HKSI-IMail Admin List is hosted by........ Humankind Systems, Inc.
>Questions, Comments or Complain like Hell.. mailto:[EMAIL PROTECTED]
>Message Archive... http://www.tallylist.com/archives/index.cfm/mlist.4
>To Manage your Subscription......... http://humankindsystems.com/lists
>
______________________________________________________________________
The HKSI-IMail Admin List is hosted by........ Humankind Systems, Inc.
Questions, Comments or Complain like Hell.. mailto:[EMAIL PROTECTED]
Message Archive... http://www.tallylist.com/archives/index.cfm/mlist.4
To Manage your Subscription......... http://humankindsystems.com/lists
______________________________________________________________________
The HKSI-IMail Admin List is hosted by........ Humankind Systems, Inc.
Questions, Comments or Complain like Hell.. mailto:[EMAIL PROTECTED]
Message Archive... http://www.tallylist.com/archives/index.cfm/mlist.4
To Manage your Subscription......... http://humankindsystems.com/lists
