Security Incidents mailing list archives
Re: Code Red, anyone?
From: Ryan Russell <ryan () securityfocus com>
Date: Wed, 1 Aug 2001 09:46:18 -0600 (MDT)
2001-08-01 15:03:54, 2002500, Suspicious URL, 210.63.234.152, , v.v.v.v, , , 1, Strange, BlackICE Defender doesn't log timezone explicitly, I guess. I'm PDT, and this was 8:03 A.M., so the log entry must be UTC. My first Code Red this week, on my home machine this morning. I captured it, it's standard CRv2. As a side note, I had an e-mail from ISS last night that said they've got a new set of sigs for Real Secure, including the .ida overflow. I imagine most ISS admins get the same mail, but just in case... Ryan ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Code Red, anyone? Alfred Huger (Jul 31)
- Code Red, anyone? Russell Fulton (Jul 31)
- Re: Code Red, anyone? Glenn Forbes Fleming Larratt (Jul 31)
- Re: Code Red, anyone? Michael Sullenszino (Aug 01)
- Re: Code Red, anyone? S. Staniford (Jul 31)
- Re: Code Red, anyone? Joseph Nicholas Yarbrough (Aug 01)
- Re: Code Red, anyone? thomas lakofski (Aug 01)
- RE: Code Red, anyone? Coen Bongers (Aug 01)
- Re: Code Red, anyone? Ryan Russell (Aug 01)
- Re: Code Red, anyone? Kman (Aug 01)
- <Possible follow-ups>
- Re: Code Red, anyone? Ken Eichman (Aug 01)
- unsubscribe me please Christophe Bernigaud (Aug 01)
- RE: Code Red, anyone? Information Security (Aug 01)
- RE: Code Red, anyone? Chip McClure (Aug 01)
- RE: Code Red, anyone? Jürgen Nieveler (Aug 01)
- Re: Code Red, anyone? Seth Arnold (Aug 01)
- Re: Code Red, anyone? Pat Wilson (Aug 01)
- Re: Code Red, anyone? jan (Aug 01)
- Re: Code Red, anyone? Pluto (Aug 01)
(Thread continues...)