Security Incidents mailing list archives

Re: My list of default.ida connection attempts

From: Vern Paxson <vern () ee lbl gov>
Date: Sun, 22 Jul 2001 13:20:31 PDT

      Listed below are the 256 unique hosts who have so far apparently
attempted to use default.ida to compromise my systems:


There's a list of 19,764 that tried to compromise lbl.gov (which has 
a large cross section, 2 class B's) in

        ftp://ftp.ee.lbl.gov/.vp-code-red-infectees.timestamp.gz

Times in the file are PDT, along with Unix timestamps.

                Vern

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

My list of default.ida connection attempts Sean Kelly (Jul 22)
- <Possible follow-ups>
- Re: My list of default.ida connection attempts Vern Paxson (Jul 22)
  - Wide-scale Code Red Damage Assessment and Report Jon O . (Jul 22)
- Re: My list of default.ida connection attempts Vern Paxson (Jul 22)