Linux Today: Linux News On Internet Time.

NewsAlert: Code Red: A Witch Hunt Provocateur?

Aug 11, 2001, 16:00 (46 Talkback[s])
(Other stories by Brian McWilliams)

Nicholas Donovan asks "How much longer is business going to stand by and continue to pay-out for shoddy software and be told they're being done a favor?" Code Red continues to wreak havoc here and there, and expose some interesting problems with identifying compromised hosts correctly, as the Incidents.org site, a Linux-based site, was nearly blocked by AT&T on the basis of claims that it had a Code Red problem from ARIS. Readers may also be interested in 'Code Red III,' currently reported from Korea

"A popular Web site for information about the Code Red worm was nearly shut down Thursday following erroneous reports that it had been infected with the malicious, self-propagating worm. The occurrence has raised tempers between two leading security organizations.

Operators of Incidents.org, a site maintained by the SANS Institute, a security research and education organization, say they were nearly cut off from the Internet by their upstream Internet service provider after the ISP, AT&T Business, was notified that the site was being used to launch Code Red attacks.

"AT&T was just about ready to block access to our site, which would have caused a major disruption of service to us," said Matt Fearnow, incident handler for SANS."

Complete Story

Related Stories: