I'm collecting some background information w/ regards to Code Red's release and proliferation. While the paper isn't specific to Code Red, CR does offer a good example. I'm looking for specifics on the worm, more so than those found in Marc Maiffert's Senate subcommittee testimony: http://www.eeye.com/html/Research/Papers/DS20010925.html Specifically: 1. Who was "patient 0"? Who was the first the admin who contacted eEye with the initial reports? What domain first reported the "attacks"? 2. From what IP addresses did the first attacks originate? 3. Who was the second admin to contact eEye and provide a binary code capture? Thanks. I think this information will add impact to the overall content. __________________________________________________ Do You Yahoo!? Listen to your Yahoo! Mail messages from any phone. http://phone.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sat Sep 29 2001 - 11:14:07 PDT