North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Disabling QAZ (was Re: Port 139 scans)
I am willing to scrap together a script to shutdown the virus on an infected machine and put it in a CGI web page. I'm not sure about volume but initially I think I can host it. In the event my 1Mbit connection is overwhelmed I'll need another place.... What stops me at the moment is that I have no authorization to test against any infected machine. I need a target. I'm willing to also try for making the connection to the share and removing the infection but I'm not sure I can get it in time. At least a shutdown page would do something. I will start writing my code and await direct e-mail with authorization and a target IP address to test against. Note that I have plenty of potential test targets in my Samba logs :-( but no legal authority to connect to those machines. ----- Original Message ----- From: "Dan Hollis" <[email protected]> To: <[email protected]> Sent: Friday, September 29, 2000 4:42 PM Subject: Re: Disabling QAZ (was Re: Port 139 scans) > > On Fri, 29 Sep 2000, John Fraizer wrote: > > On Fri, 29 Sep 2000, Dan Hollis wrote: > > > It would be cool if someone would make a tool that would auto-disinfect > > > users... > > Yep. The problem with that is that current laws on the books (in the US > > at least) make this an illegal solution. If memory serves me correctly, > > the one I'm thinking about is worded something like: > > "...any person who without authorization, accesses, modifies, deletes or > > destroys..." > > A web page that users themselves must click "OK, disinfect me"? Seems > authorization enough to me... > > > The penalties are pretty stiff too. The best of intentions don't negate > > the fact that it's illegal. > > When the user initiates the disinfection themselves? > > -Dan >
|