nanog mailing list archives
Re: Code Red 2 cleanup; reporting..
From: mike harrison <meuon () highertech net>
Date: Fri, 10 Aug 2001 00:09:44 -0400 (EDT)
FWIW, I just tried to telnet to the 20 most recent hosts I got Code Red II probes from, and didn't get a shell prompt on any of them. Are people cleaning up their boxes that quickly?
I have been told, but not personally conformed confirmed of non IIS machines being infected with CodeRed (I or II not known, assume II). Infection method: running an file from somewhere? They still scan out and seek victims, just no webserver running.
Current thread:
- Code Red 2 cleanup; reporting.. z (Aug 08)
- RE: Code Red 2 cleanup; reporting.. Mathias Körber (Aug 08)
- RE: Code Red 2 cleanup; reporting.. z (Aug 08)
- Re: Code Red 2 cleanup; reporting.. Andrew McNamara (Aug 09)
- Re: Code Red 2 cleanup; reporting.. Ryan Tucker (Aug 09)
- RE: Code Red 2 cleanup; reporting.. z (Aug 08)
- Re: Code Red 2 cleanup; reporting.. Christopher A. Woodfield (Aug 09)
- Re: Code Red 2 cleanup; reporting.. mike harrison (Aug 09)
- Re: Code Red 2 cleanup; reporting.. Etaoin Shrdlu (Aug 09)
- Re: Code Red 2 cleanup; reporting.. mike harrison (Aug 09)
- Was: Code Red 2 cleanup -- SHOULD NSPs PULL THE PLUG? Solutions? z (Aug 10)
- Re: Code Red 2 cleanup; reporting.. Mike Lewinski (Aug 09)
- Re: Code Red 2 cleanup; reporting.. Larry Diffey (Aug 09)
- RE: Code Red 2 cleanup; reporting.. Mathias Körber (Aug 08)
- <Possible follow-ups>
- Re: Code Red 2 cleanup; reporting.. Steven M. Bellovin (Aug 10)
- Re: Code Red 2 cleanup; reporting.. mike harrison (Aug 11)
- Re: Code Red 2 cleanup; reporting.. David Lesher (Aug 12)
- Re: Code Red 2 cleanup; reporting.. mike harrison (Aug 11)
- Re: Code Red 2 cleanup; reporting.. Steven M. Bellovin (Aug 10)
- Re: Code Red 2 cleanup; reporting.. Etaoin Shrdlu (Aug 10)