Conclusion for the dirrent Code Red URL's....

From: Daniel Mostertman (securityfocusat_private)
Date: Sun Aug 05 2001 - 01:33:06 PDT

Next message: David Brown: "Re: snort signature for new CodeRed varient"

Previous message: Ryan Russell: "CodeRed II ARIS Incident Analysis"
Next in thread: Ryan Russell: "Re: Conclusion for the dirrent Code Red URL's...."
Reply: Ryan Russell: "Re: Conclusion for the dirrent Code Red URL's...."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

My conclusion, is that, dispite the fact that the X's and O's only turned up 
a couple of days ago, that the inventor thought that we were going to be 
patched for the N's, and not for the X's or O's or any other character.

My suggestion is that he kept that in mind, and set a timer (I guess August 
1st), to deploy these activities, and that it's not a new variant, but the 
same, existing, first one.

Any good reason why I shouldn't think that?

// Daniel Mostertman

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: David Brown: "Re: snort signature for new CodeRed varient"
Previous message: Ryan Russell: "CodeRed II ARIS Incident Analysis"
Next in thread: Ryan Russell: "Re: Conclusion for the dirrent Code Red URL's...."
Reply: Ryan Russell: "Re: Conclusion for the dirrent Code Red URL's...."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Aug 05 2001 - 09:25:23 PDT