Gov't Warns of Major Web Attack

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Gov't Warns of Major Web Attack

http://www.foxnews.com/story/0,2933,123712,00.html

--

-Jesse

http://www.pixelpages.net/conservativemind

Disclaimer: Spelling & grammar errors are made on purpose for those who are
fulfilled by correcting others.

 

[user]

Archived from groups: comp.security.firewalls (More info?)

x-no-archive: yes

Jesse Hand wrote:

> Gov't Warns of Major Web Attack
>
> http://www.foxnews.com/story/0,2933,123712,00.html

"The mysterious infection appeared to target at least one recent version
of software by Microsoft Corp. to operate Web sites, called its Internet
Information Server, popular among businesses and organizations."

The only thing that surprises me here is that Microsoft hasn't
officially changed IIS to stand for "Insecure Internet Server".

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

· wrote:

> The only thing that surprises me here is that Microsoft hasn't
> officially changed IIS to stand for "Insecure Internet Server".
>
>

Actually, in the next release they plan on changing the name to
"active backdoor.net"

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

FUD

"Jesse Hand" <no.spam@for.me> wrote in message
news:IwMCc.40024$MW4.39048@nwrdny03.gnilink.net...
> Gov't Warns of Major Web Attack
>
> http://www.foxnews.com/story/0,2933,123712,00.html
>
> --
>
> -Jesse
>
> http://www.pixelpages.net/conservativemind
>
> Disclaimer: Spelling & grammar errors are made on purpose for those who
are
> fulfilled by correcting others.
>
>
>

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

>FUD

What makes you say that? The threat is genuine and documented.
http://isc.sans.org/

For the record, I use both IIS and IE and am not an automatic MS basher.
--
Dave "Crash" Dummy - A weapon of mass destruction
crash@gpick.com?subject=Techtalk (Do not alter!)
http://lists.gpick.com

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

If your speaking of the Akamai incident, I think otherwise. I still believe
that was an inside issue.

""Crash" Dummy" <dvader@deathstar.mil> wrote in message
news:10dobjn19fotr33@corp.supernews.com...
> >FUD
>
> What makes you say that? The threat is genuine and documented.
> http://isc.sans.org/
>
> For the record, I use both IIS and IE and am not an automatic MS basher.
> --
> Dave "Crash" Dummy - A weapon of mass destruction
> crash@gpick.com?subject=Techtalk (Do not alter!)
> http://lists.gpick.com
>
>

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

>If your speaking of the Akamai incident, I think otherwise. I still believe
>that was an inside issue.

This has nothing to do with Akamai. This has to do with vulnerabilities in IIS
and IE. Did you even read the article?
--
Dave "Crash" Dummy - A weapon of mass destruction
crash@gpick.com?subject=Techtalk (Do not alter!)
http://lists.gpick.com

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Funny.
Looks like we bought some time.

http://news.com.com/Web+site+virus+attack+blunted/2100-7349_3-5248279.html?tag=nefd.top



""Crash" Dummy" <dvader@deathstar.mil> wrote in message
news:10dofm2ff9bbla0@corp.supernews.com...
> >If your speaking of the Akamai incident, I think otherwise. I still
> >believe
>>that was an inside issue.
>
> This has nothing to do with Akamai. This has to do with vulnerabilities in
> IIS
> and IE. Did you even read the article?
> --
> Dave "Crash" Dummy - A weapon of mass destruction
> crash@gpick.com?subject=Techtalk (Do not alter!)
> http://lists.gpick.com
>
>

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

>Looks like we bought some time.

Good. I hope they haven't abandoned the speedy trial and bullet to the brain in
Russia. Sometimes I really miss Stalin.
--
Dave "Crash" Dummy - A weapon of mass destruction
crash@gpick.com?subject=Techtalk (Do not alter!)
http://lists.gpick.com

 

[user]

Archived from groups: comp.security.firewalls (More info?)

Yeah, it's just FUD. Stick your hand in the clue bag, buddy.

http://www.us-cert.gov/current/current_activity.html
(content changes over time, but relevant quote appears below)

IIS 5 Web Server Compromises

added June 24

US-CERT is aware of new activity affecting compromised web sites running
Microsoft's Internet Information Server (IIS) 5 and possibly end-user
systems that visit these sites. Compromised sites are appending
JavaScript to the bottom of web pages. When executed, this JavaScript
attempts to access a file hosted on another server. This file may
contain malicious code that can affect the end-user's system. US-CERT is
investigating the origin of the IIS 5 compromises and the impact of the
code that is downloaded to end-user systems.

SA wrote:

> FUD
>
> "Jesse Hand" <no.spam@for.me> wrote in message
> news:IwMCc.40024$MW4.39048@nwrdny03.gnilink.net...
>> Gov't Warns of Major Web Attack
>>
>> http://www.foxnews.com/story/0,2933,123712,00.html
>>
>> --
>>
>> -Jesse
>>
>> http://www.pixelpages.net/conservativemind
>>
>> Disclaimer: Spelling & grammar errors are made on purpose for those
>> who are fulfilled by correcting others.