waider ([personal profile] waider) wrote 2004-04-08 11:54 am

welcome to the intarweb

My DSL connection got its first hostile this morning.

A nimda attack.

No, seriously. There are nimrods out there at the moment who are so slack about their machines that they're still vulnerable to nimda. GRAFIEK010.grafiekas.nl, to be specific.

[identity profile] brokensymmetry.livejournal.com 2004-04-08 09:52 am (UTC)(link)
That sounds about right; www.canetoad.com still gets the occasional hit from code red. Every time I see one I think about creating an Apache module that would send out-of-band data back to the originating machine, on the assumption that if it's still vulnerable to code red OOB data should still crash it.

(Side note: lj's spellchecker suggests "BOOB" as a replacement for "OOB." I'm tired enough that this struck me as funny).

[identity profile] waider.livejournal.com 2004-04-08 09:57 am (UTC)(link)
I used to have a honeypot that'd ride back the connection and use nimda's accessible command.com to shut down the machine. Solves the problem very quickly.