RE: Code Red patch issue?
From: Patrick S. Harper (patrick@internetsecurityguru.com)Date: 08/13/01
- Previous message: Michael Kjorling: "IMPORTANT - RE: Script"
- In reply to: Tom Le: "Re: Code Red patch issue?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Patrick S. Harper" <patrick@internetsecurityguru.com> To: "Tom Le" <tom@dottom.com>, <SECURITY-BASICS@securityfocus.com> Subject: RE: Code Red patch issue? Date: Mon, 13 Aug 2001 14:00:55 -0500 Message-ID: <HMEHKKBCEGFOLBBAOAEHOEBGCCAA.patrick@internetsecurityguru.com>
I have applied SP6a to well over one hundred production web servers
(NT4/IIS4)with no problems. I wouldn't think of putting a server in
production without it. Have you done any testing with it? I always take
one of my hot spare servers and do a full restore to it then start
pounding it. If I have a wide variety of configurations (like one index,
one CFM, one FrontPage, one ASP, etc.) I will test on each type of server.
Also even if you did not install index server you will still have the
ida.dll on your system which from what I have seen means you are still
vulnerable. You might want to unregister the DLL from the registry and
then rename it (remembering that is you install SP's or Hot fixes it will
be put back)
Just my thoughts, thanks
> -----Original Message-----
> From: Tom Le [mailto:tom@dottom.com]
> Sent: Friday, August 10, 2001 1:04 PM
> To: SECURITY-BASICS@securityfocus.com
> Subject: Re: Code Red patch issue?
>
>
> I've got a dozen NT 4.0/IIS 4.0/SP5 boxes in production that I do not
> dare risk applying SP6A. I tried SP6 when it first came out and had
> nightmares. MSFT claims 6A has no problems but I've talked to others
> who have had problems.
>
> My problem is I cannot apply the patch with SP5 (a very stable SP, btw).
> But I checked my IIS mappings and since I never installed Index Server
> I'm fine.
>
> The problem is should I ever need Index Server (or some other service
> that requires a vulernable ISAPI component), I may have no choice but
> to upgrade.
>
> I can't believe MSFT didn't release patches for different SP levels...
>
> BTW, does anyone else think as I do that this whole Code Red thing was
> a GREAT thing? I can image a much worse virus-worm that would stunned
> the computing world. Now many vulnerable servers are fixed and other
> virus-worms hitting the street won't infect nearly as many servers.
> Of course, there's always the next great MSFT vulnerability lurking
> around the corner...
>
>
> >----- Original Message -----
> >From: "Cynthia Thorpe" <cthorpe07@hotmail.com>
> >To: <SECURITY-BASICS@securityfocus.com>
> >Sent: Tuesday, August 07, 2001 9:22 AM
> >Subject: Code Red patch issue?
> >
> >
> > Hi,
> > I'm new to the list - and have an issue that I'm hoping someone
can
> > assist with. My company is small - and has combined a number of
> applications
> > on just a few servers. We have Exchange 5.5 (running Outlook web
access)
> > SP4, and Citrix Terminal Server (NT SP4 for Terminal Server) running
on
> the
> > same box. Yes, I know that this isn't great - but it's how they have
to
> run
> > at the moment. The Code Red patch fails to install - stating
> that it can't
> > install on a Terminal Server PC. Does anyone have any ideas on how to
> > safeguard this server from the virus?
> >
> > Thanks,
> >
> > Cynthia
>
- application/x-pkcs7-signature attachment: smime.p7s
- Previous message: Michael Kjorling: "IMPORTANT - RE: Script"
- In reply to: Tom Le: "Re: Code Red patch issue?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
