Re: Code Red, anyone?

From: Ivan Andres Hernandez Puga (iahpat_private)
Date: Wed Aug 01 2001 - 10:15:19 PDT

    I have these fresh Snort logs:
    
    [**] CodeRed IDA Overflow [**]
    08/01-12:24:50.373465 211.112.0.4:2951 -> 200.42.132.76:80
    TCP TTL:112 TOS:0x0 ID:4065 IpLen:20 DgmLen:1500 DF
    ***AP*** Seq: 0xA916AC88  Ack: 0x80067D66  Win: 0x4470  TcpLen: 20
    
    [**] CodeRed Defacement [**]
    08/01-12:24:51.695317 211.112.0.4:2951 -> 200.42.132.76:80
    TCP TTL:112 TOS:0x0 ID:4385 IpLen:20 DgmLen:1155 DF
    ***AP*** Seq: 0xA916B7F0  Ack: 0x80067D66  Win: 0x4470  TcpLen: 20
    
    Ivan Hernandez.
    
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Wed Aug 01 2001 - 10:15:20 PDT