Re: Code Red gone to sleep?

From: hvdkooijat_private
Date: Thu Oct 04 2001 - 16:29:45 PDT

  • Next message: cambriaat_private: "Re: Code Red gone to sleep?"

    On Tue, 2 Oct 2001, Jay D. Dyson wrote:
    > 	We were discussing on the Early Bird Developers list that none of
    > us have seen any Code Red scans since September 30th.
    It seems CodeRed isn't dead yet. I just logged an access attempt to
    default.ida from a Korean machine that seem to be infected with some
    The server reported on port 80:
    HTTP/1.1 200 OK
    Server: Microsoft-IIS/5.0
    Date: Sun, 10 Jun 2001 23:22:54 GMT
    Connection: Keep-Alive
    Content-Length: 1176
    Content-Type: text/html
    Cache-control: private
    I was unable to understand a single character shown on the server.
    PS: nimda seems to slow down a little bit.
    All email send to me is bound to the rules described on my homepage.
    	    Don't meddle in the affairs of sysadmins,
    	    for they are subtle and quick to anger.
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see:

    This archive was generated by hypermail 2b30 : Thu Oct 04 2001 - 20:36:24 PDT