Comments on: 0day gets hundreds of thousands of web servers http://www.mckeay.net/2008/04/28/0day-gets-hundreds-of-thousands-of-web-servers/ The views of one man on security, privacy and anything else that catches his attention. The views expressed on this blog do not reflect the views of my employer or anyone other than myself. Thu, 02 Feb 2012 21:45:54 +0000 hourly 1 http://wordpress.org/?v= By: Information security framework | Consulting & Business Intelligence Services Private Limited http://www.mckeay.net/2008/04/28/0day-gets-hundreds-of-thousands-of-web-servers/comment-page-1/#comment-10071 Information security framework | Consulting & Business Intelligence Services Private Limited Thu, 08 Dec 2011 09:52:21 +0000 http://www.mckeay.net/2008/04/28/0day-gets-hundreds-of-thousands-of-web-servers/#comment-10071 [...] Information security framework Jane Agarwal  -  Dec 08, 2011  -  Business, Information, Security  -  No Comments A 0day with an automatic discovery and dissemination tool shouldn’t be a surprise to anyone. The fact that it’s hit hundreds of thousands of sites in less than a couple of weeks is slightly surprising, though it mainly means that the bad guys are moving fast. Is this just the next step in Internet security, where we have new 0day vulnerabilities sweeping through web servers on a regular basis? Source: Network Security Blog [...] [...] Information security framework Jane Agarwal  -  Dec 08, 2011  -  Business, Information, Security  -  No Comments A 0day with an automatic discovery and dissemination tool shouldn’t be a surprise to anyone. The fact that it’s hit hundreds of thousands of sites in less than a couple of weeks is slightly surprising, though it mainly means that the bad guys are moving fast. Is this just the next step in Internet security, where we have new 0day vulnerabilities sweeping through web servers on a regular basis? Source: Network Security Blog [...]

]]> By: Martin http://www.mckeay.net/2008/04/28/0day-gets-hundreds-of-thousands-of-web-servers/comment-page-1/#comment-1728 Martin Tue, 29 Apr 2008 00:05:08 +0000 http://www.mckeay.net/2008/04/28/0day-gets-hundreds-of-thousands-of-web-servers/#comment-1728 Thanks for the clarification Larry. Brian was a bit overzealous on this one, but he's usually pretty close to the mark. I continue to have confidence in his writing. I didn't have to propagate the message without further corroboration either. Live and learn. Martin Thanks for the clarification Larry. Brian was a bit overzealous on this one, but he’s usually pretty close to the mark. I continue to have confidence in his writing. I didn’t have to propagate the message without further corroboration either. Live and learn.

Martin

]]> By: Larry Seltzer http://www.mckeay.net/2008/04/28/0day-gets-hundreds-of-thousands-of-web-servers/comment-page-1/#comment-1727 Larry Seltzer Mon, 28 Apr 2008 23:36:53 +0000 http://www.mckeay.net/2008/04/28/0day-gets-hundreds-of-thousands-of-web-servers/#comment-1727 There is no 0day and the servers aren't compromised. It's SQL injection attacks against poorly-written applications. The Washington Post story made an excessive leap to the conclusion that it must be as a result of the vulnerability disclosed the week before, but that vulnerability is quite difficult to exploit and probably can't be on a default install. There is no 0day and the servers aren’t compromised. It’s SQL injection attacks against poorly-written applications. The Washington Post story made an excessive leap to the conclusion that it must be as a result of the vulnerability disclosed the week before, but that vulnerability is quite difficult to exploit and probably can’t be on a default install.

]]> By: Ben http://www.mckeay.net/2008/04/28/0day-gets-hundreds-of-thousands-of-web-servers/comment-page-1/#comment-1725 Ben Mon, 28 Apr 2008 16:55:20 +0000 http://www.mckeay.net/2008/04/28/0day-gets-hundreds-of-thousands-of-web-servers/#comment-1725 They've not been too quiet... see this post from late Friday with links to another advisory and a blog write-up on IIS.net... http://blogs.technet.com/msrc/archive/2008/04/25/questions-about-web-server-attacks.aspx They’ve not been too quiet… see this post from late Friday with links to another advisory and a blog write-up on IIS.net…
http://blogs.technet.com/msrc/archive/2008/04/25/questions-about-web-server-attacks.aspx

]]>