[ale] CodeRed attacks, here we go again.
Michael Barker
mbarker68 at home.com
Tue Sep 18 10:25:17 EDT 2001
SAngell at nan.net wrote:
>
> I am being flooded by Code Red attacks originating from network 205.152.x.x all
> by the variant which is attempting to drop the trojan backdoor on to my servers.
> either root.exe or explorer.exe. This attack is worse that any I have previously
> seen with hundreds of attempts in the last 5 minutes.
>
> Anyone else witnessing these?
>
> \_\_\_\_\_\_\_\_\_\_\_/_/_/_/_/_/_/_/_/_/_/
> \_ Steve Angell, MCSE, CCNA _/
> \_ MIS Operations Manager _/
> \_ TSYS Total Debt Management _/
> \_ Norcross, GA _/
> \_ Phone 770-409-5570 _/
> \_ Fax 770-416-1752 _/
> \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
>
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
Its happening on @home.com as well.
"GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
I'm giving them a call.
-Michael
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list