Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Code Red, anyone?

From: Pat Wilson <paw () noh ucsd edu>
Date: Wed, 1 Aug 2001 07:46:27 -0700 (PDT)

Joseph Nicholas Yarbrough <nyarbrough () lurhq com> writes:

        On Tuesday 31 July 2001 21:31, Alfred Huger wrote:
        > Anyone seeing Code Red activity yet?

        When I came in tonight at 1 am I was told that there was no code red activity 
        seen all night. Now (5:14EDT) I'm seeing dozens of connects per minute. 

Just to confirm - I've spotted an infestation here (only one so
far; we blocked access to machines that had been infested on the
19th and hadn't heard had been cleaned up).  This one even had
the Chinese Web site...

It's out there.


Pat Wilson
Network Security Manager
UCSD ACS/Network Operations
paw () ucsd edu
6F3A AE75 F931 3A19 D207 19F3 DB9B 29DC 2C3F E015

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: