rhurtz
03-31-2003, 07:17 AM
Hey everyone,
I ran into some interesting articles on netcraft's website today. You should take a look at them if you have the time, also note the comments I have on each article.
Windows 2000 passes the million mark
news.netcraft.com/archives/2003/03/25/windows_2000_passes_the_million_mark.html (http://news.netcraft.com/archives/2003/03/25/windows_2000_passes_the_million_mark.html)
More and more sites are hosting on Microsoft platforms, I think that it might even be possible that one of the new DiscountASP servers could have been the 1,000,000th or 999,999th server. [:D]
Windows 2000 Exploits Published & Generalised
news.netcraft.com/archives/2003/03/27/windows_2000_exploits_published_generalised.html (http://news.netcraft.com/archives/2003/03/27/windows_2000_exploits_published_generalised.html)
This is a really important article since it shows that there is now an available exploit out there. I have taken the exploit and tested it on all of the DiscountASP servers. They all passed with flying colors. [:D] Make sure to patch your servers at home and/or work!
Here is the exploit's output.
[rhurtz@unixbox rhurtz]$ ./rs_iis discountasp.net
Resolving hostname ...
Attacking port 80 at discountasp.net (EIP = 0x00480004)...
Now open another console/shell and try to connect (telnet) to victim port 31337...
Server NOT vulnerable!
Three quarters of Microsoft-IIS sites have WebDAV enabled
news.netcraft.com/archives/2003/03/18/three_quarters_of_microsoftiis_sites_have_webdav_enabled.html (http://news.netcraft.com/archives/2003/03/18/three_quarters_of_microsoftiis_sites_have_webdav_enabled.html)
This article shows how many possible servers are out there that aren't patched! Now that the exploit is out, I think I smell a possible new worm like the SQL Slammer coming. So remember to patch patch patch.
If you have an account with another hosting company you should contact them to make sure they are patched, or you could transfer those accounts over to DiscountASP and sleep soundly. [;)]
Take care!
---
Richard
Behind the ...[8]. .