Date: Tue, 7 Aug 2001 18:11:57 -0700 (PDT) From: "f.johan.beisser" <jan@caustic.org> To: User & Ian Patrick Thomas <ipthomas_77@yahoo.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Is this what the Code Red II worm does? Message-ID: <Pine.BSF.4.21.0108071807070.5567-100000@pogo.caustic.org> In-Reply-To: <20010807165527.A17579@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 7 Aug 2001, User & Ian Patrick Thomas wrote: > I am the network, it's just my one box. Although I do use a cable > connection so maybe some of the other people in my area could also be > considered part of the network. I am not currently running apache or any > other web server yet.:( It seems that maybe some of the users in my area > have gotten infected by the worm. recent analysis of the CodeRedII IIS worm seems to indicate that it's spreading fairly heavily on cable modem systems. Specifically windows 2000 installations that haven't been very well locked down. remember, that the CodeRedII worm is a bit more efficiant in scanning the network near itself, more so than CodeRed v1 and v2. there's a few threads on this subject on bugtraq and incidents. both are archived, and easily subscribed to from http://www.securityfocus.com. -- jan -------/ f. johan beisser /--------------------------------------+ http://caustic.org/~jan jan@caustic.org "if my thought-dreams could be seen.. "they'd probably put my head in a gillotine" -- Bob Dylan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0108071807070.5567-100000>