Re: Conclusion for the different Code Red URL's....

From: Ryan Russell (ryanat_private)
Date: Sun Aug 05 2001 - 09:35:31 PDT


    On Sun, 5 Aug 2001, Daniel Mostertman wrote:
    
    > My conclusion, is that, despite the fact that the X's and O's only turned up
    > a couple of days ago, that the inventor thought that we were going to be
    > patched for the N's, and not for the X's or O's or any other character.
    
    So far, there are no O's.  I e-mailed Fred about that, and it turns out
    that it was a font problem that made the space between X's look like O's.
    
    >
    > My suggestion is that he kept that in mind, and set a timer (I guess August
    > 1st), to deploy these activities, and that it's not a new variant, but the
    > same, existing, first one.
    >
    > Any good reason why I shouldn't think that?
    
    The attack vector is a cut-and-paste from Code Red, with the padding
    letter changed.  However from there, the rest of the worm is completely
    different, and doesn't have any family resemblance to Code Red.
    
    						Ryan
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
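
For handlers sorting their own web logs by the padding letter discussed in this thread, the following is an added example, not part of the original message. It reads the literal padding character from each request line, so a rendering problem like the X's that looked like O's cannot affect the tally. The `/default.ida?` request path, the 32-character minimum run, and the sample log lines are assumptions; the lines are constructed and shortened.

```python
import re
from collections import Counter

# A request to the .ida handler whose query string starts with one letter
# repeated at least 32 times (threshold is an assumption, tune to taste).
PAD_RE = re.compile(r"(?i:/default\.ida)\?(?P<pad>(?P<ch>[A-Za-z])(?P=ch){31,})")

def padding_of(line):
    """Return (padding_char, run_length) for a log line, or None if no padding run."""
    m = PAD_RE.search(line)
    if m is None:
        return None
    return m.group("ch"), len(m.group("pad"))

def tally(lines):
    """Count matching requests per padding character across a log."""
    counts = Counter()
    for line in lines:
        hit = padding_of(line)
        if hit is not None:
            counts[hit[0]] += 1
    return counts

# Constructed sample lines (documentation addresses, shortened padding).
SAMPLE_LOG = [
    '192.0.2.10 - - [05/Aug/2001:09:01:02 -0700] "GET /default.ida?' + "N" * 64 + '=a HTTP/1.0" 404 -',
    '192.0.2.11 - - [05/Aug/2001:09:02:10 -0700] "GET /default.ida?' + "X" * 64 + '=a HTTP/1.0" 404 -',
    '192.0.2.12 - - [05/Aug/2001:09:03:44 -0700] "GET /default.ida?' + "N" * 48 + '=a HTTP/1.0" 404 -',
    '192.0.2.13 - - [05/Aug/2001:09:04:00 -0700] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.14 - - [05/Aug/2001:09:05:30 -0700] "GET /default.ida?NNNN HTTP/1.0" 404 -',
]

if __name__ == "__main__":
    for ch, n in sorted(tally(SAMPLE_LOG).items()):
        print(f"padding {ch!r}: {n} request(s)")
```
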
    