Re: CodeRed Activity

From: Ryan Russell (ryanat_private)
Date: Wed Aug 01 2001 - 10:30:16 PDT

Next message: Kevin Holmquist: "code red scan update"

Previous message: Ryan Russell: "A note about logging hostname vs. IP address"
In reply to: Stuart Staniford: "Re: CodeRed Activity"
Next in thread: Stuart Staniford: "Re: CodeRed Activity"
Reply: Stuart Staniford: "Re: CodeRed Activity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 1 Aug 2001, Stuart Staniford wrote:

> Assuming it's the CRv2 code again,

I've caught 4 copies so far.  All CRv2.

> that suggests that there are roughly 45% as
> many vulnerable hosts as there were last time.  It's going to be as fully
> saturated as it gets early this afternoon.

We didn't reach saturation point last time, we hit the mode switch.

						Ryan


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Kevin Holmquist: "code red scan update"
Previous message: Ryan Russell: "A note about logging hostname vs. IP address"
In reply to: Stuart Staniford: "Re: CodeRed Activity"
Next in thread: Stuart Staniford: "Re: CodeRed Activity"
Reply: Stuart Staniford: "Re: CodeRed Activity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Aug 01 2001 - 10:47:59 PDT