From: Ryan L. Means (rmeans_at_law.berkeley.edu)
Date: Fri Aug 01 2003 - 15:39:56 PDT
Craig,
Three confirmed compromises in the Law School, at last scan about 30
machines here are still vulnerable. I'll support the block on all of
Microsoft's suggested ports.
Ryan "Spineless" Means
Craig Lant wrote:
> OK, so no one seems to have the guts to back me up on this and I haven't
> heard from anyone who doesn't want a block. ;) Let me pose a few quick
> questions before I authorize a block.
>
> First, how many machines have actually been compromised? So far, I've
> only heard of less than 30 or so confirmed compromises and I can assure
> you the kiddies are trying. We're seeing lots of scanning going on.
>
> Second, how many vulnerable machines are still out there? Everyone I've
> spoken to has got the message and has been working feverishly (thank
> you) to get their systems patched so they wouldn't be left out naked
> over the weekend.
>
> If we do a block, Microsoft is suggesting that ALL of 135, 137, 139, and
> 445 be blocked. That will definitely cripple hundreds, if not
> thousands, of users who probably don't subscribe to these lists. This
> will shut off all windows file sharing from home, access to exchange
> servers from home, remote desktop access from home, etc. This would at
> least be in place over the weekend. So, if this is a problem for anyone
> reading this, speak up now.
>
> Thanks,
> Craig
>
> -------------------------------------
> Sent via the ucb-security mailing list.
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
This archive was generated by hypermail 2.1.5 : Fri Aug 01 2003 - 16:07:07 PDT