nanog mailing list archives
Re: Code Red
From: Dave Stewart <dbs () ntrnet net>
Date: Thu, 19 Jul 2001 23:31:58 -0400
At 11:12 PM 7/19/2001, lucifer () lightbearer com wrote:
Reports from our monitoring systems saw the CPU usage jump by somewhere between 150-200% for our core routers today; our current theory is that
Web servers that were hit beginning this morning at 11:26:41 EDT have not seen another attempt since 19:49:53.
I'm wondering if this because it was coming up on 00:00:00 GMT 20-July-2001.According to the PC-Cillin write up, the 100-thread scan only takes place if the system date is less than 20, but if it's 20-28, it launches it's DOS attack at www1.whitehouse.gov
Does anybody really know yet what payloads this thing is carrying?
Current thread:
- Re: Code Red Jeff Ogden (Jul 19)
- Re: Code Red Patrick Greenwell (Jul 19)
- Re: Code Red Seth M. Kusiak (Jul 19)
- Re: Code Red Rob Thomas (Jul 19)
- Re: Code Red Seth M. Kusiak (Jul 19)
- Re: Code Red lucifer (Jul 19)
- Re: Code Red Bill Woodcock (Jul 19)
- Re: Code Red Dave Stewart (Jul 19)
- Re: Code Red lucifer (Jul 19)
- Re: Code Red Stephen J. Wilcox (Jul 19)
- Re: Code Red Mikael Abrahamsson (Jul 19)
- Re: Code Red John Kristoff (Jul 20)
- Re: Code Red Stephen J. Wilcox (Jul 20)
- Re: Code Red Larry Sheldon (Jul 20)
- Re: Code Red Stephen J. Wilcox (Jul 20)
- Re: Code Red Stephen J. Wilcox (Jul 20)
- Re: Code Red Patrick Greenwell (Jul 19)
- <Possible follow-ups>
- RE: Code Red Joe Blanchard (Jul 19)