Todays useless script, is because I found I was doing this by hand. I keep seeing these long URL requests full of Ns in my apache log. And the 404's looking for foolish .exe's. So I have a new script at my scripts page. This is msg-infected-server.expect. You just pass it a server as the argument and it attempts to email it this message to that server.
Hello, your server appears to be infected with some kind of a worm, code red or NIMBDA, it attacked my server.note this entry was modified to have the expect version rather than the netcat version since nc would feed data faster than the server could react so it wouldn't accept the connection.
Please update your server. http://windowsupdate.microsoft.com most of these worms fixes have been available for more than six months.
I have not included my email address as I do not like recieved infected attachments. Thanks!
from a concerned Internet user.