|
-
July 3rd, 2003, 02:14 PM
#1
For the paranoid
For those who are paranoid about the alleged "hacking" attack coming up this weekend, here is a link to the IIS security rollup download site. The package release is dated May 28th 2003.
http://support.microsoft.com/?kbid=811114
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
July 3rd, 2003, 02:27 PM
#2
Re: For the paranoid
Originally posted here by thehorse13
The package release is dated May 28th 2003.
Which means it should have been installed ages ago 
Oliver's Law:
Experience is something you don't get until just after you need it.
-
July 3rd, 2003, 03:07 PM
#3
most of the sites that are going to be hit are large hosting services that run a couple hundreaed vhosts on 1 machine so that it can be a mass attack all at once. Hitting one site at a time and you will never have a chance to win.
Stupid freaking look, I have the most scripts and know how to run them best contest.
\"Ignorance is bliss....
but only for your enemy\"
-- souleman
-
July 3rd, 2003, 03:21 PM
#4
The most worrying thing is, for the people who are just installing that IIS rollup patch now, that their system has probably already been cracked, and some kiddie out there is just waiting for the 6th of July to wander in through the back door they've left for themselves, and deface your site.
-
July 3rd, 2003, 03:34 PM
#5
Yeah, I agree. If you are vigilant about securing your internet-facing boxes then this little contest is meaningless.
I know that I'm not going to lose sleep over it I'm worried about the guys/gals who DON'T announce to the world what their intentions are.
This whole thing wreaks of those fuc*ing e-mails that you get that warn you about the very scary new super virus that Microsoft found and you should forward the info to all your friends immediately. The way I see it, the announcement of the contest in itself is the attack. Think about it, they announce it on a holiday weekend. They tell you the parameters of the attack. The media who now knows that hacking is a sure winner for news stories jumps on this and acts just like the stupid end user who forwards the super virus e-mail.
[soap box dismounted]
LOL
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
July 3rd, 2003, 03:36 PM
#6
Yeah slarty. Talk about a false sense of security.
What's also worrying is that there are still ppl running apache with an old and vulnerable openssl version. I also see a slight rise in SSL2 masterkey overflow attempts. Anyone else seen this too?
Oliver's Law:
Experience is something you don't get until just after you need it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote