Re: Code Red gone to sleep?

From: Kath (kathat_private)
Date: Tue Oct 02 2001 - 16:37:25 PDT

Next message: cambriaat_private: "Re: Code Red gone to sleep?"

Previous message: Ryan Russell: "Re: Code Red gone to sleep?"
In reply to: Jay D. Dyson: "Code Red gone to sleep?"
Next in thread: cambriaat_private: "Re: Code Red gone to sleep?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Nimda attacks are actually down according to my snort sensor.

- k

----- Original Message -----
From: "Jay D. Dyson" <jdysonat_private>
To: "Incidents List" <incidentsat_private>
Sent: Tuesday, October 02, 2001 6:54 PM
Subject: Code Red gone to sleep?


> -----BEGIN PGP SIGNED MESSAGE-----
>
> Hi folks,
>
> We were discussing on the Early Bird Developers list that none of
> us have seen any Code Red scans since September 30th.  This can only mean
> one of four things:
>
> 1. Code Red has "gone to sleep,"
>
> 2. Code Red committed ritual seppuku and rm'd every box it
> previously infected,
>
> 3. Nimda has taken over all previously infected Code Red
> systems[*],
>
> 4. All the automated intrusion attempt notices finally paid
> off and affected sites have finally shut their infected
> systems down.
>
> While I'd like to believe that the silence is due to option #4,
> experience leads me to believe that options #1 and #2 are most likely, and
> option #3 is a close runner-up.
>
> - - -Jay
>
> * Nimda is still banging away like a nympho bunny on Spanish Fly.
>
>   (    (                                                         _______
>   ))   ))   .-"There's always time for a good cup of coffee."-.
>====<--.
> C|~~|C|~~| (>------ Jay D. Dyson - jdysonat_private ------<) |    =
|-'
>  `--' `--'  `--------------- rm -rf /bin/laden ---------------'  `------'
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
> Comment: See http://www.treachery.net/~jdyson/ for current keys.
>
> iQCVAwUBO7o3j7lDRyqRQ2a9AQH6JgP/dBanAhC7L2O9Y0DiqXYx7sqX/dmiSmVh
> Bd4eBI/t/01FmYBg+EV3SgFWrX/+u+JCl5soPz/ck0XQ+0YN5Lmq3ltsw1TDqwVa
> ApyxIRhNBe3hZSpID1LnpuNuNpQm+O3ZXD/jXPRGHVnaobzjAMnPwDYNhNGHRUhV
> wIJs3tFt6VM=
> =yh/M
> -----END PGP SIGNATURE-----
>
>
> --------------------------------------------------------------------------
--
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com
>


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: cambriaat_private: "Re: Code Red gone to sleep?"
Previous message: Ryan Russell: "Re: Code Red gone to sleep?"
In reply to: Jay D. Dyson: "Code Red gone to sleep?"
Next in thread: cambriaat_private: "Re: Code Red gone to sleep?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Oct 02 2001 - 17:17:48 PDT