Security Incidents mailing list archives

code red.. one funny detail


From: "B." <ouwerkerk92 () zonnet nl>
Date: Thu, 02 Aug 2001 00:39:17 +0200

Hi,

Found a few new ones in my logfiles.. Used grep..

What really is interesting is this:
e0.filt2.davidson.tn.ena.net - - [01/Aug/2001:22:47:12 +0200]
e0.filt2.davidson.tn.ena.net - - [01/Aug/2001:22:48:07 +0200]
It tried two times from the same IP to the same IP..
Did the first request timeout?? is it a mutant.. dunno.. it is a fact that the same IP tried it twice.. within less than one minute.
I'll keep the original logfiles.. just in case..

Any other double below is caused by the fact that this box contains multiple IPs.. I don't think any double would appear..



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
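
Added example, not part of the original post: a way to find the kind of repeat the message describes (the same source appearing twice within a minute) without reading grep output by eye. It assumes log lines in the `host - - [timestamp]` form quoted above; the hostnames and addresses in `SAMPLE` are constructed, and the 60-second window is an assumed threshold.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Prefix of a Common Log Format line: host ident user [timestamp]
CLF_PREFIX = re.compile(r'^(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\]')

def parse_hits(lines):
    """Yield (host, datetime) per parsable line; lines with no timestamp are skipped."""
    for line in lines:
        m = CLF_PREFIX.match(line.strip())
        if not m:
            continue
        try:
            when = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
        except ValueError:
            continue
        yield m.group("host").lower(), when

def repeat_hits(lines, window_seconds=60):
    """Return sorted (host, gap_in_seconds) for consecutive hits within the window.

    On a box with several addresses, pass one listening address's log at a
    time, otherwise one probe per address shows up as a false repeat.
    """
    by_host = defaultdict(list)
    for host, when in parse_hits(lines):
        by_host[host].append(when)
    window = timedelta(seconds=window_seconds)
    repeats = []
    for host, times in by_host.items():
        times.sort()
        for earlier, later in zip(times, times[1:]):
            if later - earlier <= window:
                repeats.append((host, int((later - earlier).total_seconds())))
    return sorted(repeats)

# Constructed sample input (not taken from the original logs).
SAMPLE = [
    "scanner-a.example.net - - [01/Aug/2001:22:47:12 +0200]",
    "scanner-a.example.net - - [01/Aug/2001:22:48:07 +0200]",
    "192.0.2.10 - - [01/Aug/2001:20:18:01 +0200]",
    "192.0.2.10 - - [01/Aug/2001:21:14:06 +0200]",
    "scanner-b.example.net",  # truncated line, no timestamp
    "198.51.100.7 - - [01/Aug/2001:23:59:50 +0200]",
    "198.51.100.7 - - [02/Aug/2001:00:00:20 +0200]",
]

if __name__ == "__main__":
    for host, gap in repeat_hits(SAMPLE):
        print(f"{host}: repeat after {gap}s")
```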

