[NTLUG:Discuss] Red Worm flood on port 80
Richard Geoffrion
richard at rain.lewisville.tx.us
Sat Aug 4 23:38:49 CDT 2001
----- Original Message -----
From: "Fred James" <fredjame at concentric.net>
To: <discuss at ntlug.org>
Sent: Saturday, August 04, 2001 11:08 PM
Subject: Re: [NTLUG:Discuss] Red Worm flood on port 80
> I am not very good at this, but I was once given these two questions,
> which I have found helpful when I can remember them:
> (1) To decide if it is ethical, ask what it would be like if everyone
> did it.
If everyone could code payload to shut down an offending IIS server, life
would be good.
> (2) To decide if it is moral, ask what it would be like if it were done
> to you.
If I had an offending IIS server (of course having an IIS server period IS
offensive), I would want it shutdown. (And would deserve to have it
shutdown!)
So.......so....you have the answers to THOSE two questions! :)
>
> > Is there anything that I could do to create havok with the systems
scanning
> > me? What about creating a default.ida file and filling it with some
data?
> > (I know...that just fills up more bandwidth...)
My original comment about creating havok was not meant to cause damage per
se, but to limit the growth/spread of the worm by tying up the offending
system.
I chose my words poorly. BUT THE INTENT WAS THERE! So everyone just give
me a big 'ol Bill Clinton Democratic "We forgive you..you didn't really mean
it, and if you did you were sorry, and that's all that counts!"
:) It's late! Bedtime for me!
FYI, I created a web page. http://rain.lewisville.tx.us/default.ida
More information about the Discuss
mailing list