Other China Hack Attempts Concurrent With Code Red

From: David E. Weekly (dweeklyat_private)
Date: Thu Jul 19 2001 - 21:03:06 PDT

  • Next message: Ryan Russell: "Re: CodeRed"

    I've seen 58 hosts attempt to access default.ida with an overflow string on
    my box. I've had several other attempts, though, that seem to be hand-done,
    including several FTP logins and an attempt to send the GET strings "^D^A"
    and "^E^A^B" to my webserver (Apache). Any ideas what the latter might be?
    
    -david
    
    
    
    
    
    ----------------------------------------------------------------------------
    
    
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see:
    
    http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Thu Jul 19 2001 - 23:36:50 PDT