What the heck?

“I've been trying to get on Trail Talk all day but only getting server not found errors. I was in withdrawls so bad I put a forum on my site.

I'm glad your back...”

“Yep, couldn't log in the whole day. Must've been the Code Red bug.”

“Been trying to log on since Saturday evening. On the few occasions I didn't get server not found messages, I got directed to a webserver site in Pembroke, MA. Since I knew Matt said his server was in the Boston area, I emailed them and asked them what was going on. They replied that had been under denial of service attacks from the code red worm and were busy trying to defend against it. All they could say was "Be patient". I emailed a few of the regulars with the info.

Glad it's back up and running. I was beginning to feel like I'd lost a family member! Yo, Matt, we missed you. Your site was the only one I found targeted. All the other boring BP sites were doing just fine.”

“Well, if someone did target thebackpacker.com for DOS then I am flattered. Some newbie must have been blasted by a regular one to many times.”

“It's nice to know that Matt's service provider is right on top of things. Geez, it only takes about a minute to install the patch that protect the Microsoft bug that allowed worms like Code Red to spread. There was all this publicity on the patch. I guess they didn't feel like it was worth the time...or they were too busy...I wonder how busy they were this weekend?”

“Thanks, Matt, for providing this site. We know it is not your fault when these kinds of problems arise.”

“Matt, "some newbie must have been blasted by a regular too many times"?

That's not really what happened is it? If so I'll never do it again! Mea Culpa!”

“i have something for y'all to try.

it's called "backpacking".

when you do this "backpacking", you don't notice that anything is wrong on 'trail talk'.”

“Have a nice weekend hike, Rad?”

“actually, i had to rest this past weekend, because i had surgery last week. but i still could not bring myself to sit on my ass all weekend, so we headed to the mountains, anyways, for some dayhiking.

i'm hiking for the next four weekends, though!”

“Bigfoot had his own version of TT this weekend. Yowwwwser.”

“Actually Ski: its easy to protect your server from getting infected by Code Red and its variants. Its not so easy to protect yourself from denial of service attacks which come from other servers which have been affected by a variant of code red.”

“Ya think newgirl would know how to do that, Matt?? Errrrrr, NO!!! Moooooohahahahaha!!!”

“What,... was TT down....LOL

I tried to get on here last night too and couldn`t...... I sure do miss TT when it`s not going.

Thanks Matt....”

“I think he may have been referring to the webmaster of a certain competing message board.”

“Yup, I agree PedXing. So you think the IP or hostname of thebackpacker.com was targeted? A denial of service attack may attack a particular site and in doing so, may cause that site to become overloaded. More than likely, it would "deny" access by slowing down the internet by increasing requests from a multitude of servers. The couple of times I was on this weekend saw no such slowdown.”

“Oh yeah...I wanted to make something crystal clear. I do not blame Matt for the site being down in any form, fashion or manner. I realize it was his service provider which provides space on a box and possibly some other services....all at a cost to Matt, BTW.”

“Matt, I think any regular who blasts the newbies should be banned from this site.”

“Ummm bacpac

The YMCA was a place where Gay Men went to "stay". They would all meet up for sex. ...Of all people, I thought you would have known that. The only reason I knew, was because I watched the VH1 behind the music on the Village People.”

“that wasn't supposed to go here....”

“you would know where to put it, if you stayed at the Y!”

“I sense the "hang-ups" are due to the banner-ad folks. Sometimes, by going to my other bookmark (the NOT TT Today) I can get through. Anyone else share similar observations?”

“Yup.

I didn't try to get on this weekend but have noticed that sometimes the ad loads (or it's target) and nothing more. Or if I get a 'page not available' message, I can sometimes get in another way.”

“I just got a copy of webwasher Now I don't see those stupid adds anymore.

I'll let you know if it horks my PC”

“Watch out! Last time something "horked" in my pc, it really forked it up!”

“lol Steiny!”

“rad, I think he did stay at the 'Y' and he is still putting it in the wrong place.”

“from InformationWeek Daily...


** Code Red II Strikes

Businesses that neglected to patch security holes in their Microsoft 2000 and NT servers last week are feeling the effects of the most aggressive version of the Code Red worm to date, which struck this weekend. SecurityFocus' Attack Registry &
Intelligence Service discovered rapid infections beginning late Saturday evening.

An analysis conducted by eEye Digital Security showed that while the worm uses the same method to infect servers running
Microsoft's Internet Information Services software, this version
packs a potentially more powerful wallop. Code Red II drops a
Trojan program, which creates a "back door," or a way for the
attacker to gain access to the infected server at a later date.
According to Elias Levy, chief technology officer of
SecurityFocus, Code Red II has a much higher attack rate. While the original Code Red worm spawned 100 scanning threads, this version spawns 300 or 600 threads, letting it locate potential servers to infect much more quickly.

Experts say the companies that have patched their Microsoft 2000 and NT servers are safe from the worm, which infected more than
135,000 systems over the weekend, but even more should be done.
"Patches are effective in terms of preventing infection, but
system administrators still need to remove the file or back door
by using antivirus software," says Stephen Trilling, director of research at the Symantec AntiVirus Research Center.

"The most common security break-ins are through known security
holes," Trilling adds. When software manufacturers develop a patch for vulnerability in their software, "they announce it to
their customers as well as to all the malicious people who want to take advantage of it," Trilling says.

Gartner research director John Pescatore says he's advising his clients to put intrusion-prevention software on their IIS Web servers, which he considers to be "horrible from a security perspective." Pescatore also advises his clients to address
security issues regularly instead of waiting for an attack to throw them into action. "Don't rely on 'we'll do better next time'," he says. "Leave your snow tires on the Web servers all year round, because hackers don't go by seasons." - George V. Hulme and Tischelle George


For related coverage, see
Full Disclosure
http://update.informationweek.com/cgi-bin4/flo?y=eEJV0Byxxq05M0Quq0Ab

Code Red: Are You Ready For The Next Attack?
http://update.informationweek.com/cgi-bin4/flo?y=eEJV0Byxxq05M0Qut0Ae

Code Red: Day Two
http://update.informationweek.com/cgi-bin4/flo?y=eEJV0Byxxq05M0Qnl0AP”