site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > Code Red II worm analysis

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies


Steve
I know your IP address
Consultant
join:2001-03-10
Yorba Linda, CA
kudos:5

reply to guyver01

Re: Code Red II worm analysis

I'm still trying to wade through the IP address calculations, but I have a pretty good idea that the whole process starts with the current IP address of the machine. Depending on the munging that goes on, this could easily explain the scanning of "near" machines (which I'm of course seeing in my logs also).

It also excludes all IP addresses ending in .0 or .255 -- no surprise here

Steve
--
Stephen J. Friedl / Software Consultant / Tustin, California USA / »www.unixwiz.net
to forum · permalink · 2001-08-04 21:23:41 ·
Forums > Broadband Tech > Security > Security

Sunday, 27-May 14:52:51 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics