[40503] in North American Network Operators' Group
RE: Code Red 2 cleanup; reporting..
daemon@ATHENA.MIT.EDU (Roeland Meyer)
Fri Aug 10 11:17:04 2001
Message-ID: <EA9368A5B1010140ADBF534E4D32C728025B07@condor.mhsc.com>
From: Roeland Meyer <rmeyer@mhsc.com>
To: "'up@3.am'" <up@3.am>, nanog@merit.edu
Date: Fri, 10 Aug 2001 08:21:48 -0700
> From: up@3.am [mailto:up@3.am]
> Sent: Friday, August 10, 2001 8:09 AM
>
> On Fri, 10 Aug 2001, Roeland Meyer wrote:
>
> > Win2K boxen are ALWAYS running IIS. It doesn't matter whether you have Pro
> > or Server. ALL Win2K systems need to run the patch. MSFT chose to integrate
> > much of the IIS stuff into DLLs with other system critical stuff. As a
> > result, IIS can't be completely removed without killing off other critical
> > functions. Yes, what they proved in court is even more true with Win2K than
> > with Win98 (Duh! MSFT didn't lie, but they didn't tell the whole truth
> > either). WinXP is even more in that direction, from all reports.
>
> I admit to knowing very little about Win2k, but on the only box I've
> installed Win2k on, it doesn't *appear* to be running:
>
> Port    State       Protocol  Service
> 135     open        tcp       loc-srv
> 139     filtered    tcp       netbios-ssn
> 445     open        tcp       microsoft-ds
> 1025    open        tcp       list
>
> ...unless it runs on one of those 3 other open ports? This was Win2k
> Client, not server, BTW...perhaps you mean every Win2k Server?
Have you installed a Win2K Domain (Active Directory)?