Security Incidents mailing list archives
Anyone interested in full tcpdump trace of a Code Red breakin ?
From: Arthur Donkers <arthur () reseau nl>
Date: Thu, 19 Jul 2001 21:21:31 +0200
Hi All, Only half an hour ago we caught some Code Red worms in our W2K honeypot. We are analysing the tcpdump trace of the actual breakin, but in the meantime, anyone interested in these traces (people not supporting full disclosure could close their eyes or speed read with the 'd' button ...) ? Arthur Donkers -- /* Disclaimer : you hire my skills, not my opinions, those are mine ! */ /* email : arthur () reseau nl Security 'Me ? I'm not me ! I'm just a */ /* phone : (+31) 50 549 2701 is not a computer simulation of me' */ /* URL http://www.reseau.nl dirty word Red Dwarf, First Episode */ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Anyone interested in full tcpdump trace of a Code Red breakin ? Arthur Donkers (Jul 19)