RE: CR II - winME? confirmation? (Slightly OT)

From: Gregory_DeGennaro@csaa.com
Date: 08/08/01

• Previous message: w1re p4ir: "root.exe scanner last email i swear"
• Maybe in reply to: Gregory_DeGennaro@csaa.com: "RE: CR II - winME? confirmation? (Slightly OT)"
• Next in thread: Inman, Carey: "RE: CR II - winME? confirmation? (Slightly OT)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Message-ID: <97E963187BE1D211AF210008C7916094062C8786@EXCHMO03>
From: Gregory_DeGennaro@csaa.com
To: cambria@owt.com, amerk@telus.net, VULN-DEV@securityfocus.com
Subject: RE: CR II - winME? confirmation? (Slightly OT)
Date: Wed, 8 Aug 2001 14:42:23 -0700 

Greg

LOL ...

I believe most of the 1000+ blocked scans a day that come across my firewall
have the same user or system administrator mentality. I did three OS scans
with nmap against three violators and all of them turn up to be W2K running
IIS on my cable network. I wanted to see who was not being responsible ...
:-)

Greg
 

-----Original Message-----
From: Gregory McCann [mailto:cambria@owt.com]
Sent: Tuesday, August 07, 2001 6:28 PM
To: Amer Karim; VULN-DEV List
Subject: Re: CR II - winME? confirmation? (Slightly OT)

On 8/7/2001 at 4:55 PM Amer Karim wrote:

>I just came across a situation today where one of my clients
>asked me to have a look at his home system since it was behaving rather
>strangely. Found out he was running W2K Pro w/ IIS installed (had a site
>running w/ pics of his family), and when I asked him if he'd patched it for
>the original CR he just gave a blank look - followed by "I though that was
>only for servers." ...I just about put my head through the wall.

Hard to blame him when even the SecurityFocus web site says of CR2, "only
web servers are vulnerable -- home PC users are generally immune".

http://www.securityfocus.com/news/232

Greg

---

• Previous message: w1re p4ir: "root.exe scanner last email i swear"
• Maybe in reply to: Gregory_DeGennaro@csaa.com: "RE: CR II - winME? confirmation? (Slightly OT)"
• Next in thread: Inman, Carey: "RE: CR II - winME? confirmation? (Slightly OT)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: CR II - winME? confirmation? (Slightly OT) ... Subject: CR II - winME? ... Normal users don't need to have IIS installed/running on their computers, ... web servers are vulnerable -- home PC users are generally immune". ... (Vuln-Dev) RE: CR II - winME? confirmation? (Slightly OT) ... Subject: CR II - winME? ... source of that vulnerability. ... ANY system with the indexing service on it just as vulnerable as systems ... (Vuln-Dev) Re: CR II - winME? confirmation? (Slightly OT) ... Subject: CR II - winME? ... Found out he was running W2K Pro w/ IIS installed (had a site ... Last week on our national radio station here in New Zealand, ... (Vuln-Dev) Re: CR II - winME? confirmation? (Slightly OT) ... Subject: CR II - winME? ... On 8/7/2001 at 4:55 PM Amer Karim wrote: ... Found out he was running W2K Pro w/ IIS installed (had a site ... (Vuln-Dev)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > vuln-dev  > 2001-08