North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Disabling QAZ (was Re: Port 139 scans)
Just like they probably don't know that they're infected, they probably won't know that they've been disinfected. At least the first time. > -----Original Message----- > From: Dana Hudes [mailto:[email protected]] > Sent: Friday, September 29, 2000 2:03 PM > To: Dan Hollis; [email protected] > Subject: Re: Disabling QAZ (was Re: Port 139 scans) > > > > I am willing to scrap together a script to shutdown the virus > on an infected machine and put it in a CGI web page. > I'm not sure about volume but initially I think I can host > it. In the event my 1Mbit connection is overwhelmed I'll need > another place.... > What stops me at the moment is that I have no authorization > to test against any infected machine. > I need a target. > I'm willing to also try for making the connection to the > share and removing the infection but I'm not sure I can get > it in time. > At least a shutdown page would do something. > I will start writing my code and await direct e-mail with > authorization and a target IP address to test against. > Note that I have plenty of potential test targets in my Samba > logs :-( but no legal authority to connect to those machines. > > ----- Original Message ----- > From: "Dan Hollis" <[email protected]> > To: <[email protected]> > Sent: Friday, September 29, 2000 4:42 PM > Subject: Re: Disabling QAZ (was Re: Port 139 scans) > > > > > > On Fri, 29 Sep 2000, John Fraizer wrote: > > > On Fri, 29 Sep 2000, Dan Hollis wrote: > > > > It would be cool if someone would make a tool that > would auto-disinfect > > > > users... > > > Yep. The problem with that is that current laws on the > books (in the US > > > at least) make this an illegal solution. If memory > serves me correctly, > > > the one I'm thinking about is worded something like: > > > "...any person who without authorization, accesses, > modifies, deletes or > > > destroys..." > > > > A web page that users themselves must click "OK, disinfect > me"? Seems > > authorization enough to me... > > > > > The penalties are pretty stiff too. The best of > intentions don't negate > > > the fact that it's illegal. > > > > When the user initiates the disinfection themselves? > > > > -Dan > > > >
|