Bugtraq mailing list archives
Re: Full analysis of the .ida "Code Red" worm.
From: "Pierre Vandevenne" <pierre () datarescue com>
Date: Fri, 20 Jul 2001 04:08:06 +0200
On Thu, 19 Jul 2001 16:44:08 -0700, Laurence Hand wrote:
Did anyone else see that one of Microsoft's windowsupdate.microsoft.com servers got bit by this worm? It went away when we refreshed the screen and presumably rolled over to another server, but it is definitely on at least one of their servers.
Confirmed. Here's a "souvenir" http://www.datarescue.com/fprot/virinfo/hackedbychinese.gif This DOES raise some pretty fundamental questions about the security of all the infrastructure, because, in theory the compromised servers _could_ have been exploited more extensively and _could_ be delivering nastily compromised stuff around. I have no reason to believe it has happened, but still... --- Pierre Vandevenne - DataRescue : home of the IDA Pro Disassembler Advanced tools for the IT Security Industry. www.datarescue.com/idabase/ SM CF and MS Picture Recovery Software www.datarescue.com/photorescue/
Current thread:
- Full analysis of the .ida "Code Red" worm. Marc Maiffret (Jul 18)
- Re: [BUGTRAQ] Full analysis of the .ida "Code Red" worm. Joe Harris (Jul 19)
- Re: Full analysis of the .ida "Code Red" worm. Laurence Hand (Jul 19)
- Re: Full analysis of the .ida "Code Red" worm. Ryan Russell (Jul 19)
- RE: Full analysis of the .ida "Code Red" worm. Marc Maiffret (Jul 19)
- RE: Full analysis of the .ida "Code Red" worm. Eric Chien (Jul 20)
- Re: Full analysis of the .ida "Code Red" worm. Ryan Russell (Jul 19)
- Re: Full analysis of the .ida "Code Red" worm. Pierre Vandevenne (Jul 19)
- Re: Full analysis of the .ida "Code Red" worm. JNJ (Jul 20)
- Timely Patching (was: Full analysis of the .ida "Code Red" worm.) Crispin Cowan (Jul 23)
- Re: Mitigating some of the effects of the Code Red worm Vincas Ciziunas (Jul 19)
- Re: Mitigating some of the effects of the Code Red worm Johannes B. Ullrich (Jul 19)
- Re: Mitigating some of the effects of the Code Red worm Ryan Russell (Jul 20)
- RE: Mitigating some of the effects of the Code Red worm Linda Custer (Jul 20)