Date: Sun, 05 Aug 2001 20:06:01 -0700 From: Rob <europax@home.com> To: freebsd-questions@FreeBSD.ORG Cc: questions@FreeBSD.ORG Subject: Re: Code Red 2 - (was : Attempted Buffer Overrun in via httpd? ) Message-ID: <3B6E0999.45595492@home.com> References: <20010805222826.9412F1FA2A9@deborah.paradise.net.nz> <200108060035.f760Zkx30388@grumpy.dyndns.org> <20010805222517.A33022@acadia.ne.mediaone.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Louis LeBlanc wrote: > > If you are only getting one every 5 minutes, you're not being targeted > much, meaning you're not very high on the prng cycle. I've gotten > about 1300 hits since I closed off the firewall - I never get much > traffic, other than myself :) from work, etc. > > I'm seeing anywhere from 3 to 7 per minute in the last hour. > > I wonder if they'll _ever_ get this one under wraps? > > *THANKS* bill! > > L > On 08/05/01 07:35 PM, David Kelly sat at the `puter and typed: > > rshea@opendoor.co.nz writes: > > > Although Code Red is old news (hopefully) to everyone with IIS machines in > > > their network I would just point out that in the last 36 hours a so called Code > > > Red II has arisen (if you look in your logs you'll see that some of the > > > default.ida attempts now have a padding of 'X' rather than 'N'). It has a much > > > nastier effect and rebooting ain't going to fix it. Once again the June 18 IIS > > > patch will avoid infection ... > > > > Is getting bad as on Aug 1 there was an average of 1 per hour on each of > > my work and home firewalls were there are no web servers. In the last > > day it has escalated to one every 5 minutes or so. Had a few on July 19. > > > > Normally I see a single poke on port 80 about once per week. Code Red > > apparently pokes 3 times before moving on. > > > > -- > > David Kelly N4HHE, dkelly@hiwaay.net > > ===================================================================== > > The human mind ordinarily operates at only ten percent of its > > capacity -- the rest is overhead for the operating system. > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > > -- > Louis LeBlanc leblanc@acadia.ne.mediaone.net > Fully Funded Hobbyist, KeySlapper Extrordinaire :) > http://acadia.ne.mediaone.net ԿԬ > > Davis' Law of Traffic Density: > The density of rush-hour traffic is directly proportional to > 1.5 times the amount of extra time you allow to arrive on time. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message My @home service has the cable modem lights blinking constantly, as fast as when I'm cvsup'ing :) Ipfstat shows only 1000 blocked packets, so it must be going to my other machine. Rob. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B6E0999.45595492>