Code Red: Do your Job


What is going on with all this talk about Code Red?

What is everyone to do? Oh the sky is falling!!! AHHH!!! Please! Code Red is not the end of the world. The media is having a field day with this one. The news is so lacking that the media needs to attach itself to something. The media IS the virus. The media is causing more harm than the Code Red Worm itself. So what do you do about this Code Red stuff? First things first! If you do not have a Micro$oft Web Server installed on your machine, don't bother reading further because you are not vulnerable to this attack. If you do have some kind of Micro$oft web server, you may want to check that your systems are secure from Code Red, and from some other vulnerabilities while you're at it. I would recommend running 2 simple utilities.

1. Run the Code Red Scanner provided free from eEye. This tool is pretty handy in that it scans the whole network for you and verifies that the .ida vulnerability is nonexistent on your Micro$oft Web Servers.

2. Run the Steve Gibson PatchWorks Tool.

3. Keep up with the latest security news for the systems you work with. Make a list of the applications installed in your environment and routinely check the vendor sites for security updates.

Once this has been done, it's not over. It's now the beginning of your new responsibilities. Now that you know what can happen when a system isn't properly secured, add some security vigilance to your job. Check the security bulletins for IIS & Windows NT/2K at Microsoft's security web site. Update your web server's software. Apply patches when necessary. If the web server isn't important enough to protect, keep it off the network or at least make it incapable of connecting to the internet. It is everyone's responsibility to do their part to make sure their machines are not exploited and used against other computers. Why is it important that you secure your machine? You don't have anything important on it, you say? The machine itself is an important resource in a cyber attack. Read this story to hear how hundreds of machines were used as Zombies to attack an unsuspecting host.

Another extremely useful resource is the National Infrastructure Protection Center (NIPC). This site publishes Cybernotes, a biweekly newsletter detailing the most recent exploits out in the wild.

 

FYI: Know why it's called Code Red? Check it out!


So you aren't into security yet? Want to get into the game of scanning for vulnerabilities? What better way to look for the vulnerabilities that come out pretty frequently than to write some programs or scripts to scan your network for problems? A very simple way to start is to get a copy of PERL and a copy of some sample code to play with and get you started. The last thing the world needs is another script kiddie, but a White hat script kiddie admin is better than a dumb security-unaware admin. Want some scripts? Check out astalavista.
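As a starting point for the kind of script described above, here is an added example (not from the original page or its author) that reads IIS W3C logs and lists the hosts sending Code Red style .ida requests; any internal address in that list is a machine already being used against others. It is written in Python rather than Perl, and the internal address ranges, the sample log lines and the function names are assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumption: address ranges you own; probes sourced from here mean an infected host.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.168.0.0/16")]
# A run of 100+ identical characters opening the query string (overflow padding).
PADDING = re.compile(r"^(.)\1{99,}")
# Padding letters seen in the publicly documented worm requests.
VARIANTS = {"N": "Code Red", "X": "Code Red II"}

def find_ida_probes(lines):
    """Yield (client_ip, variant) for each .ida request carrying overflow padding."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column layout can change mid-file
            continue
        if not line or line.startswith("#") or not fields:
            continue
        values = line.split()
        if len(values) != len(fields):
            continue                           # truncated or malformed entry
        row = dict(zip(fields, values))
        stem = row.get("cs-uri-stem", "").lower()
        pad = PADDING.match(row.get("cs-uri-query", ""))
        if stem.endswith(".ida") and pad:
            yield row.get("c-ip", "-"), VARIANTS.get(pad.group(1), "unknown padding")

def summarize(lines):
    """Return (hits per source IP, sorted internal sources to clean and patch)."""
    hits = Counter(ip for ip, _ in find_ida_probes(lines))
    internal = sorted(ip for ip in hits if ip != "-"
                      and any(ipaddress.ip_address(ip) in n for n in INTERNAL_NETS))
    return hits, internal

# Constructed sample log: padding shortened, no worm payload included.
SAMPLE_LOG = [
    "#Software: Microsoft Internet Information Services 5.0",
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2001-08-04 10:15:22 203.0.113.7 GET /default.ida " + "N" * 120 + " 200",
    "2001-08-04 10:15:40 10.1.2.30 GET /default.ida " + "X" * 120 + " 200",
    "2001-08-04 10:16:02 10.1.2.44 GET /index.html - 200",
    "2001-08-04 10:16:09 10.1.2.30 GET /default.ida " + "X" * 120 + " 200",
]

if __name__ == "__main__":
    hits, internal = summarize(SAMPLE_LOG)
    print("probe counts:", dict(hits))
    print("internal hosts to isolate and patch:", internal)
```

The check depends on the `cs-uri-query` field being logged; if your `#Fields:` line omits it, the padding never appears in the log and nothing will be flagged.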

Good Luck!

-DaKatana 

