Security Incidents mailing list archives
Code Red II - Dead Thread
From: Alfred Huger <ah () securityfocus com>
Date: Tue, 7 Aug 2001 10:26:56 -0600 (MDT)
Hey all, Well we have suffered through yet another worm attack and the Internet still seems to be humming along. Granted this worm was more aggressive and better written than other win32 based worms we have seen, it is none the less more or less a non-issue now. We will see it continue it's activity for quite some time in the future, in fact if ARIS is any indication it does not seem to be abating just yet. However, the conversation around it is going to stop here. If you have something new and previously not discussed here I will post it through, otherwise though let's move on and wait for the next worm to come our way. I suspect we will not have to wait too terribly long. In terms of the ARIS notification program we set up, we are stopping it now. We recieved logs for well over 200,000 infected hosts and notified as such. However, at this point we seem to running into alot of overlap and admins do not need us sending them mail if they have already recieved it. To further complicate the situation about 50% of the hosts we notified against for this version of the worm had already recieved a notification for the last worm. Meaning they were infected, and two notifications later are still infected. You can still notify if you are an ARIS Analyzer user, but our mail in program to aris-report () securityfocus com is now done, for now. Thankyou *very much* for the thousands of people who sent in logs, your help is deeply appreciated here. I wish I could name you all but this message would be 200 pages long if I did. Your contributions are appreciated. Cheers, -al VP Engineering SecurityFocus.com "Vae Victis" ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Code Red II - Dead Thread Alfred Huger (Aug 07)
- Re: Code Red II - Dead Thread Dave Laird (Aug 07)
- <Possible follow-ups>
- RE: Code Red II - Dead Thread Steve Halligan (Aug 08)