Re: Code Red II worm analysis

Author	All Replies
guyver01 In Brightest Day join:2001-01-04 Littleton, CO	reply to Steve Re: Code Red II worm analysis On the RR/NYC network here... my firewall has been going crazy the last day or two, with port 80 hits. So much so that i disabled popup notification. I was closing out literally dozens a minutes. When will this thing go away -- One only appreciates the beauty of the mountain top when one has experienced the agony of the climb Said by DSLR member HAZE in the RoadRunner forum.
	to forum · permalink · 2001-08-04 21:17:05 ·
Steve I know your IP address Consultant join:2001-03-10 Yorba Linda, CA kudos:5	I'm still trying to wade through the IP address calculations, but I have a pretty good idea that the whole process starts with the current IP address of the machine. Depending on the munging that goes on, this could easily explain the scanning of "near" machines (which I'm of course seeing in my logs also). It also excludes all IP addresses ending in .0 or .255 -- no surprise here Steve -- Stephen J. Friedl / Software Consultant / Tustin, California USA / »www.unixwiz.net
	to forum · permalink · 2001-08-04 21:23:41 ·

Broadband Tech > Security > Security > Code Red II worm analysis