From: "Chris Kloiber" <[EMAIL PROTECTED]>
> On Sun, 12 Aug 2001, Mike Chambers wrote:
>
> > ----- Original Message -----
> > From: "Chris Kloiber" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Sunday, August 12, 2001 4:52 AM
> > Subject: Re: Is this a Code Red attack?
> >
> >
> > > I got an updated script running on my server now which emails the admin of
> > > the infected server (whenever possible). I can't take credit for it, but
> > > it's up and running now. It's set up to allow you to grab a copy for your
> > > own use. I added instructions to the page to tell all how to make it work.
> > >
> > > http://ckloiber.mine.nu/default.ida
> >
> > Does this just email the admin or does it do some sort of reboot or
> > something to their machine?
> >
> > Mike
>
> It just emails.
Chris, this is a bad thing. All the machines I have tested in the last three
or four days are home machines. Bernhard's trick is much better as it gets
the message to the owner of the machine. (Now if he also had that string
redirected to the all users startup directory and performed a reboot....)
{^_^}
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
