road runner and external connections
Charles K. Lee II
chuckx at cold-sun.com
Mon Apr 29 19:32:29 CDT 2002
On Mon, Apr 29, 2002 at 07:35:27AM -0500, Marvin Bellamy wrote:
> OT, I noticed a sad number of hits to my server from script kiddies.
> They look like Windoze exploits. One in particular asked for cmd.exe.
> I've thought about creating an executable that would in do a format c:
> or format /mbr or something else as mean and nasty. Anyone know enough
> about this exploit?
The source isn't script kiddies. When you're getting hit with requests for
cmd.exe, it's most likely a IIS box infected with Nimda, Code Red or some
similar variant. The virus is the culprit, not a bored teenager with too
much free time.
It is sad though. It's kind of ridiculous that people still have
unprotected, infected machines sitting around creating a nuisance for
others.
--
- chuckx | Charles K. Lee II -
- chuckx at cold-sun.com -
- http://www.cold-sun.com -
--
More information about the Kclug
mailing list