<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Security Incidents: Re: Code Red gone to sleep?

Re: Code Red gone to sleep?

From: Andreas Östling <andreaso_at_it.su.se>
Date: Wed, 3 Oct 2001 19:11:44 +0200

On Wednesday 03 October 2001 01.33, cambria_at_owt.com wrote:
> CR's 10/1 exit was predicted by some of the analyses of CR.

It went to sleep alright, and it was on time.
In case someone is interested, here is a simple graph showing number of
SYN packets/sec going to port 80 around Oct 1, on a network that had a
machine infected by CRII (local time is UTC+2).
ftp://ftp.su.se/pub/users/andreas/CRII_oct_1st.jpg

/Andreas

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
Received on Oct 03 2001

This message: [ Message body ]
Next message: Michael Clark: "NEW FILES: Scan of the Month - October"
Previous message: cambria_at_owt.com: "Re: Code Red gone to sleep?"
In reply to: cambria_at_owt.com: "Re: Code Red gone to sleep?"
Next in thread: hvdkooij_at_vanderkooij.org: "Re: Code Red gone to sleep?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos