Re: [Full-Disclosure] SQL Slammer - lessons learned
From: David LaPorte (david_laporte@harvard.edu)
Date: 02/10/03
- Previous message: I.R. van Dongen: "Re: RE: [Full-Disclosure] SQL Slammer - lessons learned"
- In reply to: Schmehl, Paul L: "RE: [Full-Disclosure] SQL Slammer - lessons learned"
- Next in thread: Karl DeBisschop: "Re: [Full-Disclosure] SQL Slammer - lessons learned"
- Reply: Karl DeBisschop: "Re: [Full-Disclosure] SQL Slammer - lessons learned"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: David LaPorte <david_laporte@harvard.edu> To: "Schmehl, Paul L" <pauls@utdallas.edu> Date: Mon, 10 Feb 2003 10:23:08 -0500
Not sure if this is dated (I'm not an AT&T customer), but AT&T was filtering
port 80 as a result of Code Red. This document leads me to believe it will
continue indefinately.
http://help.broadband.att.com/faq.jsp?content_id=792&category_id=54
<em>> > for queries to a "destination" u> >Code Red/Nimda have fizzled out (probably still some infected
(you need to choose your state and choose Broadband Internet)
David
On Monday 10 February 2003 09:48, Schmehl, Paul L wrote:
> -----Original Message-----
> From: John.Airey@rnib.org.uk [mailto:John.Airey@rnib.org.uk]
> Sent: Monday, February 10, 2003 4:24 AM
> To: guninski@guninski.com; Schmehl, Paul L
> Cc: full-disclosure@lists.netsys.com
> Subject: RE: [Full-Disclosure] SQL Slammer - lessons learned
>
> >Code Red/Nimda have fizzled out (probably still some infected
> >machines out there), since it is possible to block ports below
> >1024.
>
> Huh? Our IDSes detect both Code Red I, II and III and Nimda every day,
> as does my Wormcatcher. I don't know *anyone* who is blocking port 80.
> Do you?
>
> Paul Schmehl (pauls@utdallas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> http://www.utdallas.edu/~pauls/
> AVIEN Founding Member
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
-- David LaPorte, CISSP Senior Network Security Engineer Harvard University Information Services NOC ----------------------------------------------- Email: david_laporte@harvard.edu PGP: 0x4DC3E508 4A1F058DB2B32FEF10A14F6BD370A6AD4DC3E508 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Next message: petard@hushmail.com: "Re: [Full-Disclosure] SQL Slammer - lessons learned"
- Previous message: I.R. van Dongen: "Re: RE: [Full-Disclosure] SQL Slammer - lessons learned"
- In reply to: Schmehl, Paul L: "RE: [Full-Disclosure] SQL Slammer - lessons learned"
- Next in thread: Karl DeBisschop: "Re: [Full-Disclosure] SQL Slammer - lessons learned"
- Reply: Karl DeBisschop: "Re: [Full-Disclosure] SQL Slammer - lessons learned"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
