> what is strange is that the cmd.exe / root.exe stuff is half way > through with some other code before it the ip it hit was not mapped to > anything ( I believe it is unused) so this can not have been part of > another tcp converstion any ideas ? I have been seeing similar odd cmd.exe packets as well.=20 It looks like part of a Code Red or a new variant. Anyone else seeing the same? ---------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Fri May 30 2003 - 15:26:36 PDT