Also, is it possible that the critter got through firewalls and "did harm", but could not get back out again? I don't know of any cases like
Um ..... brain in SirCam Mode :) Oops!! ----- Original Message ----- From: "Larry Sheldon" <lsheldon@creighton.edu> To: <wojtekz@idirect.com> Cc: <lsheldon@creighton.edu> Sent: Monday, July 30, 2001 2:03 PM Subject: Re: Hard data on network impact of the "Code Red" worm? that.
Well this just makes it a good idea to proxy outbound SMTP, just set up
an
access list for only allowing outbound TCP port 25 from certain hosts (verified mail servers).
Umm.....Code Red Worm is all HTTP--port 80, no?
I disremember any SMTP -- port 25 involvement.
-- -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.- . . - L. F. (Larry) Sheldon, Jr. - . Unix Systems and Network Administration . - Creighton University Computer Center-Old Gym - . 2500 California Plaza . - Omaha, Nebraska, U.S.A. 68178 Two identifying characteristics - . lsheldon@creighton.edu of System Administrators: . - 402 280-2254 (work) Infallibility, and the ability to - . 402 681-4726 (cellular) learn from their mistakes. . - 402 332-4622 (residence) - . http://www.creighton.edu/~lsheldon Adapted from Stephen Pinker . -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-