Bugtraq mailing list archives
Re: 'Code Red' does not seem to be scanning for IIS
From: Ryan Russell <ryan () securityfocus com>
Date: Thu, 19 Jul 2001 17:14:43 -0600 (MDT)
On Thu, 19 Jul 2001, Mike Brockman wrote:
From what i read about the 'Code Red'-worm, it was supposed to be scanningfor IIS-servers. It obviously is'nt, i believe it tries to infect everything they find on port 80, or something as simple as that.
Run nc -l -p 80 > worm, and you'll get a copy. It's not scanning
in any sense, it just tries a connect, and sends the string.
Ryan
Current thread:
- 'Code Red' does not seem to be scanning for IIS Mike Brockman (Jul 19)
- RE: 'Code Red' does not seem to be scanning for IIS Marc Maiffret (Jul 19)
- RE: 'Code Red' does not seem to be scanning for IIS Emre Yildirim (Jul 19)
- Re: 'Code Red' does not seem to be scanning for IIS Ethan Butterfield (Jul 19)
- Re: 'Code Red' does not seem to be scanning for IIS daniel uriah clemens (Jul 19)
- Re: 'Code Red' does not seem to be scanning for IIS Ryan Russell (Jul 19)
- <Possible follow-ups>
- RE: 'Code Red' does not seem to be scanning for IIS Kelly Martin (Jul 19)
- Re(2): 'Code Red' does not seem to be scanning for IIS Ken Eichman (Jul 19)
- RE: 'Code Red' does not seem to be scanning for IIS Duncan Hill (Jul 19)
- Re: 'Code Red' does not seem to be scanning for IIS Stephen Cimarelli (Jul 19)
- RE: 'Code Red' does not seem to be scanning for IIS Tony Langdon (Jul 19)
- Re: 'Code Red' does not seem to be scanning for IIS George William Herbert (Jul 20)
- RE: 'Code Red' does not seem to be scanning for IIS Marc Maiffret (Jul 19)