Code Red.
July 30, 2001 7:04 PM Subscribe
Code Red. Microsoft NT, 2000, and ISS users beware, and resurgance of the code red virus may rear it head again tomorrow. Be sure to get all patched up
Technical writing is all about the audience. If you want the details, you should be reading bugtraq. If you want IT water cooler talk, yahoo will suffice. I'm more disturbed by the continued willingness of those who support NT boxen to put up with constant MS patches, some of which that suffer from piss poor integration testing. It won't end with XP.
posted by machaus at 7:50 PM on July 30, 2001
posted by machaus at 7:50 PM on July 30, 2001
I'm more disturbed by the continued willingness of those who support NT boxen to put up with constant MS patches
What operating system isn't constantly patched? I really can't think of one.
posted by daveadams at 6:46 AM on July 31, 2001
What operating system isn't constantly patched? I really can't think of one.
posted by daveadams at 6:46 AM on July 31, 2001
Solaris comes to mind, but this really wasn't just an OS or app issue. Thanks to MS integration, it was both.
posted by machaus at 6:57 AM on July 31, 2001
posted by machaus at 6:57 AM on July 31, 2001
Dillinger69: Here's some more detailed info:
Code Red spreads by scanning the Internet for vulnerable IIS systems, and it is this scanning activity which has the potential to degrade service across the entire Internet. A patch issued by Microsoft removes the IIS scanning vulnerability in Windows NT and 2000. Users of Microsoft Windows 95, Windows 98, or Windows Me are not affected by the Code Red worm.
posted by PWA_BadBoy at 7:43 AM on July 31, 2001
Code Red spreads by scanning the Internet for vulnerable IIS systems, and it is this scanning activity which has the potential to degrade service across the entire Internet. A patch issued by Microsoft removes the IIS scanning vulnerability in Windows NT and 2000. Users of Microsoft Windows 95, Windows 98, or Windows Me are not affected by the Code Red worm.
posted by PWA_BadBoy at 7:43 AM on July 31, 2001
Thanks to MS integration, it was both.
We have an IBM AS/400 here at work. Supposedly one of the most reliable and stable platforms available. There are one or two new patches announced a week. All the server software and OS code are inextricably entwined, so often a problem in one application we don't even use will force us to install a patch.
But as for integration, that's not what this is about at all. IIS is not a required element on NT/2000 boxes. It's there, but you can turn it off permanently with four clicks. The problem here is with the application not the OS.
posted by daveadams at 8:50 AM on July 31, 2001
We have an IBM AS/400 here at work. Supposedly one of the most reliable and stable platforms available. There are one or two new patches announced a week. All the server software and OS code are inextricably entwined, so often a problem in one application we don't even use will force us to install a patch.
But as for integration, that's not what this is about at all. IIS is not a required element on NT/2000 boxes. It's there, but you can turn it off permanently with four clicks. The problem here is with the application not the OS.
posted by daveadams at 8:50 AM on July 31, 2001
daveadams has this one pegged: one of the problems here is the tendency among those without sysadmin experience to select everything when they install NT or Win2K, in the belief that it'll be less fiddly than having to dig out the CD when they actually need it. So you get unpatched OSes and apps running from day one, and because nothing breaks, there's the assumption that everything's fine. Until the worm/trojan hits.
Could I also be a little snobbish, and suggest that one of the reasons why so many copies of IIS are unpatched is that both the upgrade process is still rather messy, even with Windows Update, and the people maintaing these servers are usually MSCEs with their, um, MSCE-level training.
(A cronjobbed apt-get to security.debian.org does me fine...)
posted by holgate at 10:41 AM on July 31, 2001
Could I also be a little snobbish, and suggest that one of the reasons why so many copies of IIS are unpatched is that both the upgrade process is still rather messy, even with Windows Update, and the people maintaing these servers are usually MSCEs with their, um, MSCE-level training.
(A cronjobbed apt-get to security.debian.org does me fine...)
posted by holgate at 10:41 AM on July 31, 2001
for those saying: "Neener Neener you should be running (whatever)"
For many people, myself included, there is no choice. You use what you have available/your company has mandated/your boss thinks is keen in order to get the job done. And you deal with it.
posted by tj at 1:05 PM on July 31, 2001
For many people, myself included, there is no choice. You use what you have available/your company has mandated/your boss thinks is keen in order to get the job done. And you deal with it.
posted by tj at 1:05 PM on July 31, 2001
I think Windows Update is pretty good at this point -- Microsoft has more experience than any company at deploying critical security patches to its diligent customers. Unfortunately, with the proliferation of always-connected Windows machines, there's always thousands of lazy customers to take advantage of.
posted by rcade at 1:29 PM on July 31, 2001
posted by rcade at 1:29 PM on July 31, 2001
There are security problems in every connected OS. Linux has 'em, Solaris has 'em and so on. There is no way around it, even OpenBSD isn't perfect.
The simple reality is ... well.. simple.
If you are an admin on an internet conencted system then security and patch tracking are part fo your job. Get used to it.
Properly maintained, IIS/Win2K/XP/NT are exteremely secure.
And yeah, there are lots of ill maintained Windows boxes - and there are LOTS of RedHat boxes running root exploitable sendmail and BIND versions.
posted by soulhuntre at 6:00 PM on July 31, 2001
The simple reality is ... well.. simple.
If you are an admin on an internet conencted system then security and patch tracking are part fo your job. Get used to it.
Properly maintained, IIS/Win2K/XP/NT are exteremely secure.
And yeah, there are lots of ill maintained Windows boxes - and there are LOTS of RedHat boxes running root exploitable sendmail and BIND versions.
posted by soulhuntre at 6:00 PM on July 31, 2001
« Older Should Election Day be a holiday? | Jordanian king pulls a Princess Jasmine. Newer »
This thread has been archived and is closed to new comments
Every news story has said "Machines running Windows 2000, Windows NT 4.0, or IIS version 4.0 or above."
What OS besides NT or W2K can run IIS?
Some news stories also made it seem as though servers other than MS boxes could be affected.
Does anyone else think that the reports should be a bit more accurate/specific?
posted by Dillenger69 at 7:22 PM on July 30, 2001