/me copies the Mandrake All-In-One firewall product's CD and adds it to the Twofer outbox.

nexxcat, thanks for the sad, sad info on the Cisco 6xx stuff. Up 'til now, the thing had treated me fine, although I'd heard rumblings of discontent here and there.

Sure makes me glad I run a software firewall behind it, though -- and crap like this makes me want to take an old carcass I've got laying around and do a cheap Linux hardware firewall -- I'm sure one more box's fan noise won't drive me crazy.

I'll probably get to that about the time you get your Covad SDSL, heh...

TwoFer: That "cisco" router was probably developed by one of the companies they swallowed. Seriously, *real* Cisco kit rocks (even the 2500 series), but their 3-digit-product-number stuff for the home is absolute crap. With all the issues people are having with the Cisco 6xx's, I'm glad I have this no-name DSL-Ethernet bridge for my radsl (which is also pretty much close to crap, but hey). I think after the year's done, I'm going to see if Covad is still alive, can my ilec for both voice and data, use my mobile as my voice and get a Covad sdsl. Yeah. And I'm going to win the lottery tomorrow. Really.

Originally Posted by E*DAVE
Well, no hotmail servers, but @Home should really crack down on people running servers. Not because they are a bandwidth strain, but because the are idiots

1 ci594693-a.edgewd1.ky.home.com 38 0.29% 32
2 c890631-c.hlndpk1.il.home.com 39 0.3% 30
3 cx1208800-b.blvue1.ne.home.com 34 0.26% 29
4 cc883313-a.strhg1.mi.home.com 40 0.31% 28
5 cc620836-a.sandia1.nm.home.com 33 0.25% 28
6 ci261833-a.edgewd1.ky.home.com 29 0.22% 24

My IP was 7th on this list.... That\'s how bad this worm is, considering I use my webserver for development work everyday

I've been down most of the day because my DSL router has gradually gone on the fritz, freezing every few minutes, and getting worse with time. This evening I got a call from the ISP, informing me that my [i][b]Cisco route/b][/i] might be infected with the Code Red II worm... which it was. Nothing in the LAN, of course -- firewall and AV insured that -- it's the OS of the router itself that was susceptible. Apparently they've known this for at least a month, too. Nice folks.

There's a temporary fix, good 'til the next generation -- then I'll have to bring the system down and do the patch all over again. Cisco is "working" on a permanent fix... crackers are working on the next worm, too.

So, if something as primitive and supposedly secure as an embedded-system router is susceptible to unforseen and repeated attacks, someone tell me how Microsoft is going to keep their OSes and apps free of 'em, especially since it appears to be too expensive to build in proper security from the start?

And I'm going to depend on their crap for my business... yeah, right.

Originally Posted by patrickr
Sort of like mentioned before...if this is happening to MS now just wait to the XP validation servers....can\'t use your windows because MS is being attacked....hmmm...doesnt sound right...
...
...ok ill stop with the dots

TargetBoy, "scary" isn't nearly strong enough a word. Try to update W2K without using Windows Update and see the runaround you get...

I shudder to think of where things will have gone by the time XP is common, and the exploited machines more common, and Microsoft still not keeping up.

Originally Posted by dissonance
Baxter, here\'s what Stephen Barash sent along from his IIS logs...

Domain Name Hits Users Time of Last Access
pav-office9.hotmail.com 37 25 August, 08 2001 06:50:49 PM
law9-dc1.law9.hotmail.com 14 2 August, 06 2001 03:21:32 AM
law13-dc1.law13.hotmail.com 29 9 August, 08 2001 09:47:53 AM
oe6.pav0.hotmail.com 57 6 August, 07 2001 06:05:48 PM
law12-dc1.law12.hotmail.com 7 3 August, 06 2001 04:18:07 PM
law14-dc2.law14.hotmail.com 28 4 August, 07 2001 01:47:45 AM
g16.pav2.hotmail.com 16 4 August, 07 2001 04:10:24 AM
msgr-cs10.msgr.hotmail.com 673 34 August, 08 2001 09:50:29 PM
dc8.hotmail.com 4 2 August, 07 2001 08:23:35 PM

now that all probably looks like ass with the formatting it\'ll get... but there\'s more than two servers there. Could Microsoft have, gasp, lied about the number of servers? Maybe they didn\'t even know the extent.

As for Ballmer, the video was no big deal as far as I was concerned. The dude should just lay off the caffiene a little bit ;)

This is not to mention that Windows Update was previously infected with Code Red and there is no sign that MS conducted a security audit of the server. That is pretty damn scary, since it had been open to a full-control exploit for over a month that was published shortly after the vulnerability had been discovered. Code Red was not the first exploit to take advantage of this vulnerability.

Originally Posted by Baxter
It was two servers, and not significant servers at that. Out of the thousands and thousands of servers that Microsoft has on the internet, you actually think two make that big of a difference?

http://iwsun4.infoworld.com/articles/hn/xml/01/08/09/010809hnmscode...

Also what other CEO has balls enough to dance around and have a good time? At least he\'s not the up tight, riding on his high horse, CEO that the rest of us probably work for.

Perhaps they should bundle the IIS patch with the Ballmer Dances vid...

Originally Posted by E*DAVE
I have one thing to say:

BWHAHAHAHAAHAHAHAHAHAHAHAHAHAHAHAHAHAH

Originally Posted by SuperRob
Wasn\'t there a big hullaballoo a while back about the fact that Hotmail\'s servers aren\'t running a Microsoft OS? I seem to remember that very clearly.

I guess they must have finally upgraded them.

As far as Gerbil #1\'s comment ... No one at Microsoft used to complain when the stock options flowed like water about the lack of respect and commensurate pay. Interesting how changes in the economy lead to changes in people\'s perceptions.

indeego: It\'s most likely conincidence and miscommunication that are leading to the stumbles, not Balmer. Microsoft is too huge to communicate effectively. They have nearly 50 offices in Washington alone (I\'m probably over estimating, but not by much). It\'s far more likely that it\'s newer employees coming in making the mistakes, since a great deal of the old guard have left or have new responsiblities.

However, you still need to chalk it up to bad management. They are always ultimately responsible.

The Steve Balmer "Monkeyboy" dance making it's way through the net now is probably a good indication of how the incompetance trickles down a tad unconsciously. Not saying the company was run perfectly before, but it's looking like idiotic mis-step after mis-step ever since Balmer took over...

As all large companies go, M$ always like to talk a good talk, but they don't back up their employees enough to make us be diligent employees. A little more money/respect, and *gasp* accountablity (all around) and you'll find a much more efficient corp.