Security Incidents mailing list archives
RE: FW: Wierd .ida request? What is it?
From: red0x <red0x () users sourceforge net>
Date: Mon, 03 Sep 2001 18:23:26 -0700
That's the weird thing, I don't have code red, its linux and apache.. so wtf? -----Original Message----- From: bryan () nerdvest com [mailto:bryan () nerdvest com]On Behalf Of Bryan Andersen Sent: Monday, September 03, 2001 3:33 PM To: red0x Subject: Re: FW: Wierd .ida request? What is it? red0x wrote:
Anyone know what this is? A new anti code red?
It exploits the hole left by CodeRedII to put a message on the desktop of the infected system. If you are seeing this, look at the system that it's being sent to. That system is very likely infected with CodeRed and is actively scanning. There have been a number of similar responces. Some are relatively benign, others go as far as shutting down the infected system. -- | Bryan Andersen | bryan () visi com | http://www.nerdvest.com | | Buzzwords are like annoying little flies that deserve to be swatted. | | -Bryan Andersen | ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- FW: Wierd .ida request? What is it? red0x (Sep 02)
- Re: FW: Wierd .ida request? What is it? Johannes Segitz (Sep 03)
- <Possible follow-ups>
- RE: FW: Wierd .ida request? What is it? red0x (Sep 03)
- RE: FW: Wierd .ida request? What is it? Can Erkin Acar (Sep 03)