Security Incidents mailing list archives
RE: CodeRedII attempts from Cable/DSL/dial-ups
From: "Srdjan Nikolic" <srdjan () jsn aust com>
Date: Mon, 6 Aug 2001 18:39:12 +1000
If CodeRedII can only infect Windows 2000 boxes running IIS, why all of the CodeRedII infection attempts from what appear to be DSL, cable modem and dial-up boxes? I could see running a small server on a DSL line but are there really that many people running IIS on a 56k dial-up.
Unfortunately, there is a number of people out there that are inadvertendly running IIS on their W2K professional desktops and they don't even know it. Who knows how PC vendors install Win2K Professional? Some would do a full install with full bells & whistles (including IIS) so that customers/users don't bother them later? Scary, huh? Srdjan Nikolic Melbourne, Australia ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- CodeRedII attempts from Cable/DSL/dial-ups Ben N. Venzke (Aug 05)
- RE: CodeRedII attempts from Cable/DSL/dial-ups Thomas Frerichs (Aug 06)
- Re: PWS was: CodeRedII attempts from Cable/DSL/dial-ups Gary Flynn (Aug 06)
- RE: CodeRedII attempts from Cable/DSL/dial-ups Derek Kwan (Aug 06)
- RE: CodeRedII attempts from Cable/DSL/dial-ups Srdjan Nikolic (Aug 06)
- Re: CodeRedII attempts from Cable/DSL/dial-ups Guilherme Mesquita (Aug 07)
- RE: CodeRedII attempts from Cable/DSL/dial-ups Thomas Frerichs (Aug 06)