Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Code Red Specifics

From: H C <keydet89 () yahoo com>
Date: Sat, 29 Sep 2001 06:42:40 -0700 (PDT)
I'm collecting some background information w/ regards
to Code Red's release and proliferation.  While the
paper isn't specific to Code Red, CR does offer a good
example.

I'm looking for specifics on the worm, more so than
those found in Marc Maiffert's Senate subcommittee
testimony:

http://www.eeye.com/html/Research/Papers/DS20010925.html

Specifically:

1.  Who was "patient 0"?  Who was the first the admin
who contacted eEye with the initial reports?  What
domain first reported the "attacks"?

2.  From what IP addresses did the first attacks
originate?

3.  Who was the second admin to contact eEye and
provide a binary code capture?

Thanks.  I think this information will add impact to
the overall content.

__________________________________________________
Do You Yahoo!?
Listen to your Yahoo! Mail messages from any phone.
http://phone.yahoo.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: