Date: Sun, 5 Aug 2001 22:25:18 -0400 From: Louis LeBlanc <leblanc+freebsd@acadia.ne.mediaone.net> To: questions@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: Code Red 2 - (was : Attempted Buffer Overrun in via httpd? ) Message-ID: <20010805222517.A33022@acadia.ne.mediaone.net> In-Reply-To: <200108060035.f760Zkx30388@grumpy.dyndns.org> References: <20010805222826.9412F1FA2A9@deborah.paradise.net.nz> <200108060035.f760Zkx30388@grumpy.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
If you are only getting one every 5 minutes, you're not being targeted much, meaning you're not very high on the prng cycle. I've gotten about 1300 hits since I closed off the firewall - I never get much traffic, other than myself :) from work, etc. I'm seeing anywhere from 3 to 7 per minute in the last hour. I wonder if they'll _ever_ get this one under wraps? *THANKS* bill! L On 08/05/01 07:35 PM, David Kelly sat at the `puter and typed: > rshea@opendoor.co.nz writes: > > Although Code Red is old news (hopefully) to everyone with IIS machines in > > their network I would just point out that in the last 36 hours a so called Code > > Red II has arisen (if you look in your logs you'll see that some of the > > default.ida attempts now have a padding of 'X' rather than 'N'). It has a much > > nastier effect and rebooting ain't going to fix it. Once again the June 18 IIS > > patch will avoid infection ... > > Is getting bad as on Aug 1 there was an average of 1 per hour on each of > my work and home firewalls were there are no web servers. In the last > day it has escalated to one every 5 minutes or so. Had a few on July 19. > > Normally I see a single poke on port 80 about once per week. Code Red > apparently pokes 3 times before moving on. > > -- > David Kelly N4HHE, dkelly@hiwaay.net > ===================================================================== > The human mind ordinarily operates at only ten percent of its > capacity -- the rest is overhead for the operating system. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > -- Louis LeBlanc leblanc@acadia.ne.mediaone.net Fully Funded Hobbyist, KeySlapper Extrordinaire :) http://acadia.ne.mediaone.net ԿԬ Davis' Law of Traffic Density: The density of rush-hour traffic is directly proportional to 1.5 times the amount of extra time you allow to arrive on time. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010805222517.A33022>