CRIME FW: [Information_technology] Daily News 3/13/03

• Previous message: Crispin Cowan: "Re: CRIME funny site that will piss off at least some people"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private] 
Sent: Thursday, March 13, 2003 7:00 AM
To: Information Technology
Subject: [Information_technology] Daily News 3/13/03

March 11, eWEEK
New variant of Code Red II discovered. Security experts are watching a
new
variant of the Code Red II worm that began appearing on some monitoring
networks Tuesday. The worm is nearly identical to its ancestor, save for
a
modified drop-dead date that is now several thousand years in the
future.
Known as Code Red.F, the worm uses the same infection method as the
previous
versions, attacking Web servers running Microsoft Corp.'s IIS software.
The
worm so far has infected only a few machines, and because most
administrators patched their servers after the initial Code Red outbreak
in
2001, it is unlikely to spread extensively, experts say. All of the Code
Red
worms exploit an unchecked buffer in the Index Server in the IIS
software.
They then spread by infecting one machine and then scanning a list of
random
IP addresses and attempting to connect to port 80. The original Code
Red,
which struck in July 2001, infected several hundred thousand IIS servers
and
caused massive traffic disruptions on some portions of the Internet.
Source:
http://www.eweek.com/article2/0,3959,924269,00.asp

Internet Security Systems -
AlertCon: 1 out of 4
https://gtoc.iss.net/
Last Changed 11 March 2003

Security Focus ThreatCon: 1 out of 4
www.securityfocus.com
Last Changed 10 March 2003

Current Virus and Port Attacks
Virus: #1 Virus in USA: PE_FUNLOVE.4099
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
United States]

Top 10 Target Ports: 137 (netbios-ns), 80 (www), 1434 (ms-sql-m), 445
(microsoft-ds), 113 (ident), 6346 (gnutella-svc), 139 (netbios-ssn),
4662
(eDonkey2000), 25 (smtp), 53 (domain)
Source: http://isc.incidents.org/top10.html; Internet Storm Center

_______________________________________________
Information_technology mailing list
Information_technology@listserv
http://listserv.infragard.org/mailman/listinfo/information_technology

• Next message: tobyhush@private: "RE: CRIME funny site that will piss off at least some people"
• Previous message: Crispin Cowan: "Re: CRIME funny site that will piss off at least some people"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Mar 13 2003 - 09:52:17 PST