Security Incidents mailing list archives

Anyone interested in full tcpdump trace of a Code Red breakin ?
From: Arthur Donkers <arthur () reseau nl>
Date: Thu, 19 Jul 2001 21:21:31 +0200

Hi All,

Only half an hour ago we caught some Code Red worms in our W2K honeypot.
We are analysing the tcpdump trace of the actual breakin, but in the
meantime, anyone interested in these traces (people not supporting full
disclosure could close their eyes or speed read with the 'd' button ...) ?

Arthur Donkers

--
/* Disclaimer :   you hire my skills, not my opinions, those are mine !    */
/* email : arthur () reseau nl    Security    'Me ? I'm not me ! I'm just a   */
/* phone : (+31) 50 549 2701   is not a     computer simulation of me'     */
/* URL http://www.reseau.nl   dirty word      Red Dwarf, First Episode     */


----------------------------------------------------------------------------


This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see:

http://aris.securityfocus.com

