Security Incidents mailing list archives
Code Red Specifics
From: H C <keydet89 () yahoo com>
Date: Sat, 29 Sep 2001 06:42:40 -0700 (PDT)
I'm collecting some background information w/ regards to Code Red's release and proliferation. While the paper isn't specific to Code Red, CR does offer a good example. I'm looking for specifics on the worm, more so than those found in Marc Maiffert's Senate subcommittee testimony: http://www.eeye.com/html/Research/Papers/DS20010925.html Specifically: 1. Who was "patient 0"? Who was the first the admin who contacted eEye with the initial reports? What domain first reported the "attacks"? 2. From what IP addresses did the first attacks originate? 3. Who was the second admin to contact eEye and provide a binary code capture? Thanks. I think this information will add impact to the overall content. __________________________________________________ Do You Yahoo!? Listen to your Yahoo! Mail messages from any phone. http://phone.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Code Red Specifics H C (Sep 29)
- Re: Code Red Specifics Valdis . Kletnieks (Sep 30)