[thelist] [OT] Web Server Worm Infects 12,000 Web Servers
Christine Korza
evolt at tipsbyemail.com
Thu Jul 19 00:54:01 CDT 2001
My web hosting provider fell prey to this attack... fortunately they only
got a hold of our email server (the site and DB run on FreeBSD). We were hit
between 6:15-6:30pm Pacific time on Friday, and due to the swift action of
our network admin, we had the 'defacement' replaced within 45 minutes of my
discovering the problem and alerting them. I think my heart stopped beating
for 2 whole minutes when I saw the message, thinking our whole site had been
'taken'. In fact, our network admin was one of the two mentioned in the eEye
article (http://www.eeye.com/html/Research/Advisories/AL20010717.html). Just
reiterates my point that we have the best hosting provider in the world.
(www.superwebhost.com - Christine from protonic.com referred ya!) :)
<tip type="javascript">
Use javascript warnings to warn a user of the ramifications of clicking on a
link. Example: A delete button.
<.a href="message.delete.php?id=$id" onClick="if(confirm('OK to delete this
message?')) {return true;} return false;">
</tip>
----- Original Message -----
From: Seth Bienek <seth at sethbienek.com>
To: Thelist at Lists. Evolt. Org <thelist at lists.evolt.org>
Sent: Wednesday, July 18, 2001 6:03 PM
Subject: [thelist] Web Server Worm Infects 12,000 Web Servers
<snip>
> ---------------
> Worm has Servers Seeing Red
> http://www.zdnet.com/zdnn/stories/news/0,4586,5094345,00.html
>
> "Almost 12,000 Web servers have been infected by a new Internet worm that
takes advantage of a security flaw in Microsoft software to deface sites,
security experts said Wednesday. The worm could also help attackers identify
infected computers and gain control of them."
>
> "...[security experts] found that almost 11,900 servers had been infected
as of 7 a.m. PDT Wednesday."
> ---------------
</snip>
More information about the thelist
mailing list