Re: Second wave of the Code Red Worm

From: Meritt James (meritt_james@bah.com)
Date: 08/07/01


Message-ID: <3B6FF31E.BC767C84@bah.com>
Date: Tue, 07 Aug 2001 09:54:38 -0400
From: "Meritt James" <meritt_james@bah.com>
To: EPiC <epic@hack3r.com>
Subject: Re: Second wave of the Code Red Worm

Consider "A 'White Hat' Goes to Jail " at
http://www.wired.com/news/culture/0,1284,44007,00.html and "Max Vision
begins 18-month term" at http://www.securityfocus.com/news/221 during
your ethical battle...

EPiC wrote:
>
> After reasearching this worm, and the way it exploits the idq.dll, I have
> decided that there is a way to stop it.
>
> I am still facing the ethical battle of if it is right or wrong to use the
> worm code against itself.
>
> I am looking for some laws, feedback to guide me here.
>
> EPiC
> hack3r.com
> ----- Original Message -----
> From: <Gregory_DeGennaro@csaa.com>
> To: <SECURITY-BASICS@securityfocus.com>
> Cc: <tm@research.suspicious.org>
> Sent: Thursday, August 02, 2001 9:41 AM
> Subject: Second wave of the Code Red Worm
>
> > Hello all,
> >
> > I believe there is a lot of system administrators or users that are doing
> a
> > poor job in preventing this second infestation of
> > the worm. This is becoming a negligent act by these users and/or sys
> admins
> > and should be heavily criticized for poor administration. In my book,
> they
> > are just as bad as the author of this worm and any malicious hacker
> > (cracker). If they do not want to properly administer their box, then
> they
> > should stay off the Internet. The first time around, was barely
> expectable
> > ... not this time.
> >
> > If Microsoft is to blame, they need to get their act together or we band
> > Microsoft and all go to *nix ... :-)
> >
> > My .02 ...
> >
> > Greg
> >
> >
> >
> >
> >

-- 
James W. Meritt, CISSP, CISA
Booz, Allen & Hamilton
phone: (410) 684-6566