On Mon, Aug 06, 2001 at 04:56:17PM +0100, Steve Bellovin wrote:
Well, folks, my packet suckers have shown a Code Red II attack from a
machine on the IETF meeting net. It's 217.33.140.38 -- if you have
that address, you need to disinfect and patch your machine. For the
rest of you, be careful...
To be more explicit, if you're using Windows 2000 on your laptop, and
are running IIS (apparently some people who use W2K don't realize that
they have IIS enabled), you **really** want to make sure that you
check and make sure your laptop isn't infected with Code Red before
you go back home and connect your laptop to your corporate network.
I've been told that at least one IETFer's company (who shall remain
unnamed) were currently having their internal network severely
impacted by Code Red worms running rampant inside their internal
corporate network, behind their firewalls --- where people tend to be
much more lax about security and installing the latest patches on
their machines). Don't let this happen to your company....
- Ted