Robert L. Harris wrote: > Ok, so your thinking is so much better than everyone else's. You take > over the world and be the benevelant dictator.
Hardly my point. Apparently you consider it perfectly normal to start proposing workarounds and solutions when you don't understand the problem and haven't even been paying attention to the news or the previous discussion. I'd say it's a waste of time. Familiarize yourself with the subject first. Try http://www.incidents.org for a good start. > How much do you know a windows box? I've been a professional software engineer working primarily on Win32 pretty much as long as Win32 has existed. I know the platform better than just about anyone I've ever worked with, and I've worked with some really sharp people. > There IS an "at" job for windows. > it bascially acts as a cronjob, just called at. It's usually an add-on > but does exist and alot of production systems will use it for rotating > logs, restarting services that aren't "services" and the like. You're still missing the point. A large percentage (perhaps even a substantial majority?) of the systems that are propagating Code Red II are home cable/DSL systems. There is no admin (at least, not a clueful one in most cases), there is no mail transport, and the "at" command may well not be installed. And it's still illegal and unethical to invade someone else's machine even to clean up a mess they don't know they have. > As per mail, did you know you can send mail to a domain? Home users typically aren't part of a domain. In fact, I'm sitting here in the offices of a small startup firm, and we don't have a domain for our Windows machines because none of us have bothered to set one up yet. For now, we just have a workgroup. > Hmm. "my understanding"... Yup, I was stating a fact wasn't I? No, you were revealing that you haven't even read the major news reports about Code Red, many of which mentioned that it was targeting a hard-coded IP address. They had to mention this in order to explain how the White House sidestepped the attack last month. I was also thoroughly unimpressed by your apparent willingness to believe that Code Red was of Chinese origin simply because it claimed to be, which shows a lack of critical thinking. > We can still point the entry somewhere > else, like the loopback addr or /dev/null. There's no need. The White House moved their server, and Code Red politely checks to see whether it's possible to connect to it at the hard-coded IP before bombing it. That's why nothing much happened in late July. Code Red II is, according to published reports, a new worm that borrows Code Red's infection mechanism but is otherwise completely different. I have not seen any statement that Code Red II cares about the White House's web site. > Have you ever heard of something called brainstorming or free thinking? You > throw out odd ideas and see what comes back. Yup. It works better if you know what you're talking about first, though. If you had even been reading the discussion here on this list, you would have heard your basic idea stated and politely shot down several times over, and would, one hopes, have seen no need to repeat it yet again. You didn't get flamed simply for making a poor suggestion, but for making it after it had been quite thoroughly dealt with already, and for making it clear that you didn't grasp the basic facts of the situation. Craig
