Worms and CScript/WScript

From: Blake Frantz (blake@mc.net)
Date: 05/21/02

Previous message: George Bakos: "Re: Strange scan on 1433"
In reply to: George Bakos: "Re: Strange scan on 1433"
Next in thread: Ryan Russell: "Re: Worms and CScript/WScript"
Next in thread: Ken Pfeil: "RE: Strange scan on 1433"
Reply: Ryan Russell: "Re: Worms and CScript/WScript"
Reply: verbal@mrverbal.com: "RE: Worms and CScript/WScript"
Reply: Michael Wright: "RE: Worms and CScript/WScript"
Reply: Dubber, Drew B: "RE: Worms and CScript/WScript"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Blake Frantz" <blake@mc.net>
To: <incidents@securityfocus.com>
Date: Tue, 21 May 2002 16:44:34 -0500

Hello,

A majority of the worms (even SQLsnake) that have been going around
lately take advantage of cscript and wscript. What ramifications would
be felt on vanilla installs of common services (MS SQL, Exchange, IIS,
etc.) if these two files were moved or deleted? It seems like a fairly
easy way to help mitigate the 'success' of Internet worms. Any
thoughts?

Blake Frantz A+, CNA, CCNA, MCSE
Network Security Analyst
mc.net
720 Industrial Drive #121
Cary, IL 60013
phn: (847)-594-5111 x5734
fax: (847)-639-0097
mailto:blake@mc.net
http://www.mc.net

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

Previous message: George Bakos: "Re: Strange scan on 1433"
In reply to: George Bakos: "Re: Strange scan on 1433"
Next in thread: Ryan Russell: "Re: Worms and CScript/WScript"
Next in thread: Ken Pfeil: "RE: Strange scan on 1433"
Reply: Ryan Russell: "Re: Worms and CScript/WScript"
Reply: verbal@mrverbal.com: "RE: Worms and CScript/WScript"
Reply: Michael Wright: "RE: Worms and CScript/WScript"
Reply: Dubber, Drew B: "RE: Worms and CScript/WScript"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Worms and CScript/WScript
... in the event of perimeter penetration is advised additionally as well) ... Subject: Worms and CScript/WScript ... This list is provided by the SecurityFocus ARIS analyzer service. ...
(Incidents)
Re: Worms and CScript/WScript
... > A majority of the worms (even SQLsnake) that have been going around ... > lately take advantage of cscript and wscript. ... > easy way to help mitigate the 'success' of Internet worms. ... This list is provided by the SecurityFocus ARIS analyzer service. ...
(Incidents)