Security Incidents mailing list archives

Re: Textbook CodeRed v2 Caught By Snort

From: Ryan Russell <ryan () securityfocus com>
Date: Fri, 28 Jun 2002 14:20:34 -0600 (MDT)

On Fri, 28 Jun 2002, Jeremy Junginger wrote:

I just wanted to share.  It appears to be a compromised host.  Any
thoughts?


It's Nimda.  It's probably more accurate to call your attacker "infected"
rather than "compromised".

                                                Ryan


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Textbook CodeRed v2 Caught By Snort Jeremy Junginger (Jun 28)
- Re: Textbook CodeRed v2 Caught By Snort Ryan Russell (Jun 28)
- Re: Textbook CodeRed v2 Caught By Snort Nick FitzGerald (Jun 29)