Re: FW: Careful. This is for information only.

To: debian-user@lists.debian.org
Subject: Re: FW: Careful. This is for information only.
From: Mike McGuire <mjm19@po.cwru.edu>
Date: Mon, 6 Aug 2001 19:55:09 -0400
Message-id: <[🔎] 20010806195509.A12371@spoon>
In-reply-to: <[🔎] 20010806141412.B1259@harmony.cs.rit.edu>
References: <[🔎] C5320323443B4446BF2176DF2475CF1804959C@BEEKER.acresgaming.com> <[🔎] 20010806141412.B1259@harmony.cs.rit.edu>

> 
> | Amazing!  Someone on /. proposed writing a script that whenever
> | anyone hits your web server with XXXX, you automatically connect
> | back and halt the attacking machine, thus stopping the spread.
> 
> I would ike to see something like this <grin>.  I was thinking of
> putting a CGI script as /default.ida on my apache server and doing
> some funny stuff with it -- maybe combine the previous auto-alert
> stuff to notify the system it is hosed.  Now if windoze had 'mail' and
> an MTA this shell access could allow one to mail the admin (as "root"
> of course) right after the probe.  Does anyone know how to kill a
> process (ie the worm or IIS) or shutdown a windows system from the
> command line?

Ooh! Ooh!
And I never thought this would be of any use whatsoever. :)
Ok, in Win95 at least, this works (pretty sure this is right):

    rundll32 user32.dll,ExitWindows

w00t.
Mike McGuire

Reply to:

Follow-Ups:
- Re: FW: Careful. This is for information only.
  - From: Mike McGuire <mjm19@po.cwru.edu>

References:
- FW: Careful. This is for information only.
  - From: "Gilger.John" <JGilger@acresgaming.com>
- Re: FW: Careful. This is for information only.
  - From: dman <dsh8290@rit.edu>

Prev by Date: RE: Linux on less than 8MByes of Memory
Next by Date: Re: FW: Careful. This is for information only.
Previous by thread: Re: FW: Careful. This is for information only.
Next by thread: Re: FW: Careful. This is for information only.
Index(es):
- Date
- Thread