SI
SI
discoversearch

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor.  We ask that you disable ad blocking while on Silicon Investor in the best interests of our community.  If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.
Technology Stocks : The *NEW* Frank Coluccio Technology Forum
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  
To: Elsewhere who wrote (2744)5/12/2001 11:35:14 AM
From: Frank A. Coluccio  Read Replies (1) of 46821
 
From NANOG: Solaris/IIS worm hits 9000 boxes in 48 hours

theregister.co.uk

......The quite reliable hacker tracker attrition.org is reporting that
nearly nine thousand machines had been auto-defaced by the sadmind/IIS worm
as of Tuesday, making it one of the most effective little scripts ever
loosed on the Net.......
---------------

The full article:

Solaris/IIS worm hits 9000 boxes in 48 hours
By: Thomas C Greene in Washington
Posted: 11/05/2001 at 10:55 GMT

The quite reliable hacker tracker attrition.org is reporting that nearly nine thousand machines had been auto-defaced by the sadmind/IIS worm as of Tuesday, making it one of the most effective little scripts ever loosed on the Net.

Attrition has posted the IPs of all the boxes known to have been hit, and mirrored the default defacement to boot.

The worm infects Solaris boxes up to version 7, and then scans for IIS machines susceptible to the folder traversal vulnerability and executes mean-spirited code on them, replacing their default Web pages with naughty words.

What's ironic here is that the worm exploits two separate holes which were reported and patched ages ago. Call it proof-of-concept that sysadmins spend an awful lot of time on activities other than absorbing security bulletins.

The worm's payload is non-destructive -- far more nuisance than threat. However, developing a destructive version wouldn't even be close to brain surgery. So let's get those patches installed, shall we?

Find out how to protect yourself here. ®
Report TOU ViolationShare This Post
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  

HomeMailHotSubjectMarksPeopleMarksKeepersSettings
Terms Of UseContact UsCopyright/IP PolicyPrivacy PolicyAbout UsFAQAdvertise on SI
© 2025 Knight Sac Media.  Data provided by Twelve Data, Alpha Vantage, and CityFALCON News