Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: Re: Code Red gone to sleep?

Re: Code Red gone to sleep?

From: <cambria_at_owt.com>
Date: Thu, 04 Oct 2001 20:51:39 -0700

On 10/5/2001 at 1:29 AM hvdkooij_at_vanderkooij.org wrote:

>It seems CodeRed isn't dead yet. I just logged an access attempt to
>default.ida from a Korean machine that seem to be infected with some
>strand.
>
>The server reported on port 80:
>
>HTTP/1.1 200 OK
>Server: Microsoft-IIS/5.0
>Date: Sun, 10 Jun 2001 23:22:54 GMT <---
[snip]

Note that this server's date is not set properly. That is probably why it is still infected. CodeRed II is set to disable itself October 1.

Best regards,

Greg

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
Received on Oct 05 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos