Snort mailing list archives

Re: Where to get " code red worm source" ?


From: Phil Wood <cpw () lanl gov>
Date: Wed, 29 Aug 2001 17:17:43 -0600

Second try.  I be a glutton for punishment.

This will be the contents of each attachment:

  % ls -l CR
  total 8
  -rw-r--r--    1 nobody   nogroup      5336 Aug 29 16:49 cr

There are 4 different files attached:

  -rw-r--r--    1 nobody   nogroup      2644 Aug 29 17:05 CR.bz2
  -rw-r--r--    1 nobody   nogroup      2190 Aug 29 17:06 CR.tgz
  -rw-r--r--    1 nobody   nogroup      7376 Aug 29 17:07 CR.uue
  -rw-r--r--    1 nobody   nogroup      2175 Aug 29 17:06 CR.zip

I guess zip wins in the storage department.

(in case you didn't see the fallout from my first attempt, 'cr' is the
 http payload that comprises codeRed II.  Sending as cr.bin was a bad
 or good idea depending on your frame of mind. Only time will tell with
 this post.  Also, contrary to some of the virus notices, as far as I
 know, this is not an executable piece of code.  It will only cause a
 problem if passed through an http server running some bogus IIS product.)

What a great day.

-- 
Phil Wood, cpw () lanl gov

Attachment: CR.zip
Attachment: CR.tgz
Attachment: CR.bz2
Attachment: CR.uue

