Bugtraq mailing list archives
Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm.
From: Vern Paxson <vern () ee lbl gov>
Date: Thu, 19 Jul 2001 16:33:19 PDT
This one's gonna be bad.
Oh yes. Yesterday (pre-worm), about 1,600 different remote hosts attempted to connect to web servers in the lbl.gov IP space for which no server was listening. This is the typical background rate (previous day was 1,300.) So far today, it's been 1.17 million different remote hosts. Vern
Current thread:
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Vern Paxson (Jul 19)
- <Possible follow-ups>
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Vern Paxson (Jul 19)
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Vern Paxson (Jul 19)
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Nick FitzGerald (Jul 19)
- Oracle Vulnerability Discovered in OID Aaron C. Newman (Jul 20)
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Jerome Alet (Jul 20)
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Nick FitzGerald (Jul 19)
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Vern Paxson (Jul 19)
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Tony Langdon (Jul 19)
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Vern Paxson (Jul 20)