Date: Mon, 20 Aug 2001 08:53:33 +0200 From: Wilko Bulte <wkb@freebie.xs4all.nl> To: "Carroll, D. (Danny)" <Danny.Carroll@mail.ing.nl> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Code Red is from default setup Message-ID: <20010820085333.A17285@freebie.xs4all.nl> In-Reply-To: <98829DC07ECECD47893074C4D525EFC3115625@citsnl007.europe.intranet>; from Danny.Carroll@mail.ing.nl on Mon, Aug 20, 2001 at 08:50:57AM %2B0200 References: <98829DC07ECECD47893074C4D525EFC3115625@citsnl007.europe.intranet>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Aug 20, 2001 at 08:50:57AM +0200, Carroll, D. (Danny) wrote: This is *FreeBSD* security, not MickeySoft latest bugs.. > To clarify... > > Index server need NOT be installed or even activated for the > vunerability to exist. > The problem is in the library that handles to request to be sent to > index server. > > That means that if you install IIS, you have to patch it. > > Also, it's my experience (in The Netherlands anyway) that the ISP's are > being quite helpful. Those that have Code Red on their cable web > servers might be blocked until the ISP can contact the client but for > the most part, they are not blocking port 80. > > It seems only to be the real big DLS/Cable companies in some countries > that are doing it. > > -D > > -----Original Message----- > From: Jim Durham [mailto:durham@w2xo.pgh.pa.us] > Sent: Sunday, August 19, 2001 6:31 AM > To: freebsd-security@freebsd.org > Subject: Code Red is from default setup > > > My friends who have to deal with M$ server things tell me that the > default > setup for Win2k server is that the IIS server is installed. -- | / o / / _ Arnhem, The Netherlands email: wilko@FreeBSD.org |/|/ / / /( (_) Bulte To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010820085333.A17285>