[Snort-users] Code Red attacks

Gordon Ewasiuk gewasiuk at ...3392...
Mon Sep 17 15:25:02 EDT 2001


On Today, Jason Withrow wrote:
>What is the legal issue, it is a purely defensive mechanism.

>On Today, Jason Withrow wrote:
>>Since CR installs a CMD Shell that is freely accessable,
>>Write a script that write a text file to that users computer.

<disclaimer>
I am not a lawyer and despise Code Red as much as anyone.
</disclaimer>

You suggested writing a text file to an infected system.  Such an act
could be construed as tampering with that system, illegally uploading
data, using their resources without their permission, etc.  Some companies
might even call that a break-in attempt.

Not sure how I would handle it.  I'm a firm beliver in proactive
monitoring and patching.

-Gordon

--------------------------------------------------
Gordon Ewasiuk, Certifed Sun Fanatic,  Winstar VHC
The REAL office number is here----->  703.893.4901
Tired of BSODs, My Computer, and Code Red?
http://www.sun.com/solaris/binaries/
-------------------------------------------------





More information about the Snort-users mailing list