On Sat, Aug 11, 2001 at 01:11:25PM -0500, Brian wrote: > Although there are tools to get rid of Code Red, the fact that root.exe is > sitting in plain sight is opening the door to any hack you want. Every > security bulletin I've read says fdisk, format is the only way to make > sure you're clean. It seems to me that WinNT/2k has finally moved up in the world. Past exploits on NT/2k have all been DoS, kill the box types. Here is one where the box can be used as a jump point to launch other attacks. Linux has suffered from these problems for years and it's common knowledge that you should format the disk and reinstall after being hacked. MS admins are finally going to learn that they need to format the box and reinstall after a break in. Luckily for them, reinstalling Windows is probably already second-nature to them. :) Nate