SANS Warning

From: Richard Goerling (richardg@private)
Date: Tue Sep 18 2001 - 09:56:49 PDT

Next message: Caroline Smith: "RE: Seeking Virus Info"

Previous message: Adam Lipson: "Seeking Virus Info"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 At about 10:30 am EST large amounts of web traffic began being reported by
Internet Storm Center participants. The traffic is tcp port 80 and much of
it is active scanning for known IIS vulnerabilities. Little is known about
this activity currently, but it appears to have worm propagation
characteristics. Due to the intensity of scanning some sites are reporting
DoS effects. Please examine traffic logs for outbound activity indicating
that your site may have been compromised.  
 
 http://www.incidents.org/
 <<Welcome to incidents.org - By The SANS Institute.url>>

application/octet-stream attachment: Welcome_to_incidents.org_-_By_The_SANS_Institute.url

Next message: Caroline Smith: "RE: Seeking Virus Info"
Previous message: Adam Lipson: "Seeking Virus Info"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:24:56 PDT