[40012] in North American Network Operators' Group
Re: Code Red round two
daemon@ATHENA.MIT.EDU (Dave Stewart)
Tue Jul 31 10:10:34 2001
Message-Id: <5.1.0.14.2.20010731095641.04a86698@mail.ntrnet.net>
Date: Tue, 31 Jul 2001 10:00:17 -0400
To: Jeff Ogden <jogden@merit.edu>, nanog@merit.edu
From: Dave Stewart <dbs@ntrnet.net>
In-Reply-To: <v04210107b78c66f330ac@[198.108.90.150]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Errors-To: owner-nanog-outgoing@merit.edu
At 09:49 AM 7/31/2001, Jeff Ogden wrote:
>So what, if anything, are people planning to do differently as 8 pm EDT
>today and the possibility of a new round of Code Red Worm activity
>approaches? Are there things that we as network operators can and should
>be doing beyond encouraging end users to patch their vulnerable systems?
You can scan your network(s) for machines that are vulnerable, and patch
them. Or contact the end users and require that they patch them.... if
they aren't patched by 7:45pm or so, you can block port 80 access to those
machines until they are patched.
