Date: Fri, 17 Aug 2001 16:47:16 +1000 From: "Shevland, Joseph (AU - Hobart)" <jshevland@deloitte.com.au> To: 'default - Subscriptions' <default013subscriptions@hotmail.com>, "'freebsd-security@FreeBSD.ORG'" <freebsd-security@FreeBSD.ORG> Subject: RE: Silly crackers... NT is for kids... Message-ID: <CDDF6190494B6648934181A2719E72C1019E84E4@ausyd0405.au.deloitte.com>
next in thread | raw e-mail | index | archive | help
It the CodeRed (II) virus, but there's no sinister Evil Dude/s picking on
you; these comprised IIS servers randomly try and infect any other IP/server
they can connect to port 80 on... its a bit of a DoS for some people,
hopefully the IIS weenies will patch their servers as soon as possible so
these things stop.
Cheers,
Joe
> -----Original Message-----
> From: owner-freebsd-security@FreeBSD.ORG
> [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of default -
> Subscriptions
> Sent: Friday, 17 August 2001 4:35 PM
> To: freebsd-security@FreeBSD.ORG
> Subject: Silly crackers... NT is for kids...
>
>
> Hi,
>
> Recently hundreds of I.P. addresses have been attempting to use an NT
> exploit on my FreeBSD web server as if it were an NT
> server... Apache logs
> the attack like this:
> ci9809-a.ruthfd1.tn.home.com - - [17/Aug/2001:00:53:16 -0500] "GET
> /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXX
> XXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u909
> 0%u6858%ucbd3%
> u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0
> 000%u00=a
> HTTP/1.0" 404 276 "-" "-"
***********Confidentiality/Limited Liability Statement***************
Have the latest business news and in depth analysis delivered to your
desktop. Subscribe to "Insights", Deloitte's fortnightly email
business bulletin . . .
http://www.deloitte.com.au/preferences/preference.asp
This message contains privileged and confidential information intended
only for the use of the addressee named above. If you are not the
intended recipient of this message, you must not disseminate, copy or
take any action in reliance on it. If you have received this message
in error, please notify Deloitte Touche Tohmatsu immediately. Any
views expressed in this message are those of the individual sender,
except where the sender specifically states them to be the views of
Deloitte.
The liability of Deloitte Touche Tohmatsu, is limited by, and to the
extent of, the Accountants' Scheme under the Professional Standards
Act 1994 (NSW).
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CDDF6190494B6648934181A2719E72C1019E84E4>