Saw the message in source, when I was looking at the site originally. But couldn't this also be a red herring, placed there by the author of CR to divert suspicion...it is, after all, easy and trivial to add that to a web page's source. Especially given that they are running on Linux and Apache (link here: http://uptime.netcraft.com/up/graph/?host=www.tao.ca) Note: again, netcraft results to be taken as an indicator and not gospel. However, it makes sense, since they are otherwise so down on Microsoft and seem to glory in their 'leetness.' Mike ----- Original Message ----- From: "Michal Nazarewicz" <m.nazarewiczat_private> To: "'Michael J. Cannon'" <mcannonat_private>; <incidentsat_private> Sent: Friday, August 24, 2001 2:42 AM Subject: RE: Code Red - A Possible Origin? > > Tongue VERY firmly in cheek here, gang. Let's not mistake a > > group's target > > of opportunity for the real thing. But it's interesting that > > somone would > > have the balls to claim responsibility, no matter how indirectly. > > ...let's also add that there is a message written in black on black > background which says: > > red worm denial-of-service dos code welcome to http://www.worm.com! Hacked > by Chinese - xo ha > > > > -------------------------------------------------------------------------- -- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Aug 27 2001 - 13:09:39 PDT