OT: RE: what does this mean

[Matt Kettler <mkettler () evi-inc com>]

(completely off topic, and intended to be taken as humorous)

Hmm, the oldest worm known to modern man is nimda or code red? Wow, modern 
man must have a very limited long-term memory. Then again, a shocking 
number of modern men can't correctly point to the approximate location of 
Washington DC on an unlabeled image of the United States. I'd bet even some 
of those living in Washington DC can't do so (Possibly even some in elected 
office there.... that's a scary thought that is hopefully less likely to be 
true than I think it is....)

Since I remember the Morris worm being mentioned in the news does this make 
me a "historic" man? Damn, and I'm not even that old yet.

http://www.cert.org/nav/aboutcert.html



At 04:30 PM 4/5/2002 -0500, McCammon, Keith wrote:
> I'm going to exercise restraint here.  This is the oldest worm known to
> modern man.
>
> 1) Subscribe to CERT, or Microsoft, or something...anything.
> 2) See these:
>
> <http://www.cert.org/advisories/CA-2001-26.html>
>
> <http://www.cert.org/advisories/CA-2001-23.html>
>
> <http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/secu
> rity/topics/nimda.asp>
>
> 3) And any of these:
>
> <http://www.google.com/search?hl=en&q=codered+worm>
>
> -----Original Message-----
> From: Omolayo Salako [mailto:OSalako () corp goamerica net]
> Sent: Friday, April 05, 2002 3:40 PM
> To: Snort-users () lists sourceforge net
> Subject: [Snort-users] what does this mean
>
>
>
> Hi list
> i am getting a lot of this on one of my sensors, does this mean someone
> is
> trying to do directory listing on my web server
>
> 47 45 54 20 2F 73 63 72 69 70 74 73 2F 2E 2E 25   GET /scripts/..%
> 25 33 35 25 36 33 2E 2E 2F 77 69 6E 6E 74 2F 73   %35%63../winnt/s
> 79 73 74 65 6D 33 32 2F 63 6D 64 2E 65 78 65 3F   ystem32/cmd.exe?
> 2F 63 2B 64 69 72 20 48 54 54 50 2F 31 2E 30 0D   /c+dir HTTP/1.0
> 0A 48 6F 73 74 3A 20 77 77 77 0D 0A 43 6F 6E 6E   .Host: www.Conn
> 6E 65 63 74 69 6F 6E 3A 20 63 6C 6F 73 65 0D 0A   nection: close.
> 0D 0A
>
>
>
> Molayo Salako.   CISSP
> Network Security Engineer
> Goamerica communications
> T:212-487-7984
> E:osalako () corp goamerica net
> F:212-509-7348
>
> "imagination is more important than knowledge"   -Al Einstein
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users