Security Incidents mailing list archives

RE: CodeRed Observations. ##

From: root <root () ns1 transurban com au>
Date: Tue, 18 Mar 2003 15:14:06 +1100

Subject: RE: CodeRed Observations.
MIME-Version: 1.0
Content-Type: text/plain;
        charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Fri, 14 Mar 2003 13:52:40 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0
Message-ID: <D49508FE6BCE104A8D152CC97D4E2F0E6963FD () mail langleyfcu org>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: CodeRed Observations.
Thread-Index: AcLqWuPHlTcxQEoxTAGjH0dy9wj9lQ==
From: "King, Brian" <BKing () langleyfcu org>
To: <incidents () securityfocus com>

Heres the article that I read about IIS and IE interactions:
http://grotto11.com/blog/slash.html?+1039831658 . Besides quicker
propagation, not using a handshake would allow spoofed IPs so that it
would be harder to track down and fix.
Brian

----------------------------------------------------------------------------

<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href=3D"http://www.securityfocus.com/stillsecure";> http://www.securityfocus.com/stillsecure </A>

.

----------------------------------------------------------------------------

<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure";> http://www.securityfocus.com/stillsecure </A>

Current thread:

RE: CodeRed Observations. ## root (Mar 18)
- Re: CodeRed Observations. ## Andrew Bates (Mar 19)
- RE: CodeRed Observations. ## Rob Shein (Mar 19)