Security Incidents mailing list archives
Re: Code Red, anyone?
From: Ivan Andres Hernandez Puga <iahp () usa net>
Date: 1 Aug 2001 13:53:09 ARST
I have this fresh snort logs [**] CodeRed IDA Overflow [**] 08/01-12:24:50.373465 211.112.0.4:2951 -> 200.42.132.76:80 TCP TTL:112 TOS:0x0 ID:4065 IpLen:20 DgmLen:1500 DF ***AP*** Seq: 0xA916AC88 Ack: 0x80067D66 Win: 0x4470 TcpLen: 20 [**] CodeRed Defacement [**] 08/01-12:24:51.695317 211.112.0.4:2951 -> 200.42.132.76:80 TCP TTL:112 TOS:0x0 ID:4385 IpLen:20 DgmLen:1155 DF ***AP*** Seq: 0xA916B7F0 Ack: 0x80067D66 Win: 0x4470 TcpLen: 20 Ivan Hernandez. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RE: Code Red, anyone?, (continued)
- RE: Code Red, anyone? Jürgen Nieveler (Aug 01)
- Re: Code Red, anyone? Seth Arnold (Aug 01)
- Re: Code Red, anyone? Pat Wilson (Aug 01)
- Re: Code Red, anyone? jan (Aug 01)
- Re: Code Red, anyone? Pluto (Aug 01)
- RE: Code Red, anyone? Thompson, John J (Aug 01)
- Re: Code Red, anyone? Alfred Huger (Aug 01)
- Re: Code Red, anyone? Dirk Brockhausen (Aug 01)
- Re: Code Red, anyone? Johannes B. Ullrich (Aug 01)
- Re: Code Red, anyone? Chris A. Mattingly (Aug 01)
- Re: Code Red, anyone? Ivan Andres Hernandez Puga (Aug 01)
- RE: Code Red, anyone? kerveros (Aug 01)
- RE: Code Red, anyone? Joe Lareau (Aug 01)
- RE: Code Red, anyone? Jürgen Nieveler (Aug 01)