RE: -{Teknion}- FW: FLASH: cyberattack in progress

From: Kuo, Jimmy (Jimmy_Kuo@private)
Date: Tue Sep 18 2001 - 14:24:30 PDT

  • Next message: Kuo, Jimmy: "RE: Seeking Virus Info"

    The explitive on the web pages is from another virus.  BoxPoison most
    likely.
    
    Jimmy
    
    -----Original Message-----
    From: Roger Bush
    To: 'CRIME'
    Sent: 9/18/01 11:39 AM
    Subject: FW: -{Teknion}- FW: FLASH: cyberattack in progress
    
    ALERT!!!
    
    -----Original Message-----
    From: Ed Carp [mailto:erc@private] 
    Sent: Tuesday, September 18, 2001 11:34 AM
    To: C-Squad@private; htcc-l@private;
    Teknion@private
    Subject: -{Teknion}- FW: FLASH: cyberattack in progress
    
    
    -----Original Message-----
    From: Ed Carp [mailto:erc@private]
    Sent: Tuesday, September 18, 2001 12:08 PM
    To: terrorism@localhost; terrorism@private
    Subject: FLASH: cyberattack in progress
    
    
    We have been getting reports of a new, much more destructive version of
    the
    Code Red worm that swept through the Internet a couple of months ago.
    This
    new variant, called "Code Rainbow" or "Nimda", runs executables on IIS
    servers and infects web pages on the affected site.  The main threats
    appear
    to be (1) the worm spreads through the infection of web pages as well as
    direct probing of other sites, and (2) the high bandwidth the worm takes
    up - it launches a large number of attacks against other servers.  In
    one
    hour, for example, we've logged about 500 attacks against our servers.
    
    We don't know where this one came from, but there have been reports of
    index
    pages displaying messages like "F*** USA Government", so this may be an
    attack by a foreign government or terrorist organization.
    
    More info:
    
    http://www.sarc.com/avcenter/venc/data/w32.nimda.a@private
    http://www.newsbytes.com/news/01/170225.html
    http://www.trusecure.com/html/tspub/hypeorhot/rxalerts/tsa01024_cid177.s
    html
    
    Discussion:
    
    http://slashdot.org/article.pl?sid=01/09/18/151203&mode=thread
    --
    Ed Carp, N7EKG  -  erc@private  -  214/341-4420 -
    http://www.pobox.com/~erc
    
    Squished Mosquito, Inc.
    Internet Applications Development
    Escapade Server-Side Scripting Language Development Team
    http://www.squishedmosquito.com
    Pensacola - Dallas - Dresden - London
    
    
    ------------------------ Yahoo! Groups Sponsor ---------------------~-->
    FREE COLLEGE MONEY
    CLICK HERE to search
    600,000 scholarships!
    http://us.click.yahoo.com/47cccB/4m7CAA/ySSFAA/aRSolB/TM
    ---------------------------------------------------------------------~->
    
    ~`````~`````~`````~`````~`````~`````~`````~`````~`````~`````~`````~`````
    ~```
    ``~`````~`````~
    Teknion! - To protect the children!
    Post ~ Teknion@private
    Subscribe~ Teknion-subscribe@private
    List owner ~ Tek One <teknion@private>
    PedoWatch http://www.pedowatch.org
    NCMEC reporting page
    http://www.missingkids.com/cybertip/ncmec_default_cybertipline.htm
    View Tracker page ~ http://www.thetrainingco.com/teknion_tracker.htm
    Click http://en.egroups.ca/files/teknion/ for Teknion files.
    Main Page ~ http://en.egroups.ca/group/teknion
    Be careful out there!
    ~`````~`````~`````~`````~`````~`````~`````~`````~`````~`````~`````~`````
    ~```
    ``~`````~`````~ 
    
    Your use of Yahoo! Groups is subject to
    http://docs.yahoo.com/info/terms/ 
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:25:02 PDT