2001-08-01 15:03:54, 2002500, Suspicious URL, 210.63.234.152, , v.v.v.v, , , 1, Strange, BlackICE Defender doesn't log timezone explicitly, I guess. I'm PDT, and this was 8:03 A.M., so the log entry must be UTC. My first Code Red this week, on my home machine this morning. I captured it, it's standard CRv2. As a side note, I had an e-mail from ISS last night that said they've got a new set of sigs for Real Secure, including the .ida overflow. I imagine most ISS admins get the same mail, but just in case... Ryan ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Aug 01 2001 - 09:08:33 PDT