republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » DSL Reports At Code Red Forefront » Busy busy busy
Search Topic:
Uniqs:
152		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Post a:
Post a:
Cisco 6xx DSL router vulnerability -- and fix. »
« Code Red II & PacBell  
AuthorAll Replies


Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA

Busy busy busy

The first public report that I've been able to find of the Code Red II web server log signature was found right here at DSL Reports in this thread: http://www.dslreports.com/forum/remark,1224346;root=security,1;mode=flat . Since I had just written my websnarf tool, I checked my own system and found not only the web signature but a copy of the worm itself. Then it all started.

I knew that others would be doing the detailed analysis -- the boys at eEye are really good at this -- but I decided to do an ongoing update as well. BugTraq was strangely quiet for 12 hours on this, so DSLReports was one of the better places to go for Code Red II information for most of Saturday.

What a weekend.

Steve
--
Stephen J. Friedl / Software Consultant / Tustin, California USA / »www.unixwiz.net
to forum · permalink · · 2001-08-06 10:57:29 · Reply to this


mjf
" "
Premium,Mod
join:2000-08-05
New Orleans, LA
clubs:		 All I can say is that it is great to have you with us!
to forum · permalink · · 2001-08-06 11:25:54 · Reply to this


mr sean
Professional Infidel
Premium,ExMod 2001-07
join:2001-04-03
N. Absentia
clubs:		 A job well done Steve. Nice to have that kind of knowledge and dedication made available.
--
furiosus et melancholicus
to forum · permalink · · 2001-08-06 11:50:37 · Reply to this

Anon		reply to Steve
Thank you thank you thank you.

As a technical support supervisor for a broadband company, I have already dealt with several customers who have been infected by the latest round of the CRWv2. Thanks for the indepth analysis which I made a manditory read by my techs.

Excellent write up!

Thanks again
to forum · permalink · 2001-08-06 11:50:46 · Reply to this


jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
Scottsdale, AZ
·Speakeasy

reply to Steve
Take off a little time for a good game of tennis. You've been hard at work for the benefit of many. Now it's time to rest a little on your laurels and relax for a moment or 2. Thanks for the great education and all the hard work.
[text was edited by author 2001-08-06 20:30:03]
to forum · permalink · · 2001-08-06 20:29:29 · Reply to this
Forums » DSL Reports At Code Red ForefrontCisco 6xx DSL router vulnerability -- and fix. »
« Code Red II & PacBell  

Monday, 09-Nov 16:32:19 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [58] VoIP Over 3G Still Not Working For iPhone
· [31] Verizon Keeps Swinging At AT&T
· [26] Bill Would Force ISPs To Block Financial Scams
· [14] Mediacom Hints At 50, 100 Mbps Speeds
· [10] Clearwire To Get Another $1.5 Billion
· [8] 15 States Have Now Gotten Broadband Mapping Money
· [0] AT&T Launching New 7.2 Mbps 3G Modem
Most people now reading
· My cat is reluctant to exercise. [General Questions]
· Divorce advice... [General Questions]
· Google Has Acquired Gizmo5 [VOIP Tech Chat]
· 60 Minutes piece on cyber security last night [Security]
· Framed for child porn 151; by a PC virus [Security]
· Bell disconnection fee? WTF? [TekSavvy]
· How in the world am I going to get into college? [General Questions]
· [WIN7] Which Services in Win 7 Have You Turned Off? [Microsoft Help]
· Windows 7 boot manager editing questions [Microsoft Help]
· Is Gear Score now the new requirement to get pug invite? [World of Warcraft]