[ale] CodeRed Popups?

Michael Smith MSmith at webtonetech.com
Mon Aug 13 12:15:06 EDT 2001


Done that.....  I couldn't get it to work...  At least when I run smbclient
using the IP option...

Mike

-----Original Message-----
From: Jonathan Rickman [mailto:jonathan at xcorps.net]
To: ale at ale.org
Sent: Monday, August 13, 2001 12:10 PM
To: Robert L. Harris
Cc: Atlanta Linux Enthusiasts
Subject: Re: [ale] CodeRed Popups?


On Mon, 13 Aug 2001, Robert L. Harris wrote:

>   Yes I'm getting scanned by CodeRed, surprise surprise.  As a thought
> since I, to a degree, understand the ethics of the "can't shut their
> server down with the backdoor" argument,  how about putting up an html
> page that issues a single "popup" window with big Flashing letters that
> says "You have been infected."...
>
>   Not 500 pages, but if a server scans my box, just throws up a single
> message that they've been infected and lets them go their merry way.
>
>   This for alot of headless machines won't do squat, but for those people
> running it at home on cablemodems and the like could even throw in a link
> to the patch.
>
>   Based on the url it's scanning for and the nature of the servers, is
> this even possible?  Anyone have any code that'll do this?

I suppose you could rig up something to send a WinPopup message back to the
box,
but I doubt it'd be worth the trouble. Ironically enough, you might run into
trouble getting past their firewall (if they have one) over NetBIOS.

-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net

--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message
body.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list