A show of hands!

Thorazine · Post by **Thorazine** » Sat Aug 04, 2001 12:15 am

How many of you are still seeing Code Red requests in your firewall logs? I'm at 80 different IP's and still counting.

blebs · Post by **blebs** » Sat Aug 04, 2001 8:11 am

I am and I know Fredra is too!

onetrueday · Post by **onetrueday** » Sat Aug 04, 2001 8:13 am

hmm... i'm not. Although what do they look like?

blebs · Post by **blebs** » Sat Aug 04, 2001 8:24 am

Originally posted by onetrueday
hmm... i'm not. Although what do they look like?

A very unusually high number of hits on port 80!

blebs · Post by **blebs** » Sat Aug 04, 2001 12:53 pm

Originally posted by Thorazine
How many of you are still seeing Code Red requests in your firewall logs? I'm at 80 different IP's and still counting.

36, since the first of August and 143 through the end of July!

ace · Post by **ace** » Sat Aug 04, 2001 1:09 pm

i am getting alot of them, can you tell me what they are from?

W_I_Z_K_I_D · Post by **W_I_Z_K_I_D** » Sat Aug 04, 2001 2:03 pm

---Hell yeah man i know where ya comin from..
i get code red requests all tha time..
just ignore'em man..they aint shi#
just a buntch off whato bee chinese hackers....

fredra · Post by **fredra** » Sat Aug 04, 2001 8:40 pm

HEY...folks
There seems to be three (3) separate threads on the same topic here....
Pls go here
Port 80 HTTP scans.....

Thorazine · Post by **Thorazine** » Sat Aug 04, 2001 10:54 pm

Ace420,

The attacks are most likely coming from boxes around the inet that are infected with Code Red.

MrTRiX · Post by **MrTRiX** » Sun Aug 05, 2001 4:26 am

wizkid they may be wannabe's but that is good code. And is rather advnaced in the way it does what it does. All the way up to attacking whitehouse. I dont undertsnad why it does that.

Croc · Post by **Croc** » Sun Aug 05, 2001 5:14 am

Check out what Steve Gibson has to say about his work with CodeRed.
Some interesting reading there at http://www.grc.com.
Allow the first page to take you to the second and you will find the info. Prepare for a big read.

Croc

MrTRiX · Post by **MrTRiX** » Sun Aug 05, 2001 5:35 pm

I set my firewall to tell me whenever TCP In Local 80 is checked and I am at 122 since I started my comp an hour ago. I would like to tell them but theres to many and they may already know. I was thinking that maybe the net should restat. I know it sounds big but once a computer is restarted Code Red is gone because it doesnt write anything to disk. So maybe restart and run the patch just before you start the server. Sounds big but from what I am seeing it sounds worth it.

SG Broadband Community

A show of hands!

A show of hands!

Re: A show of hands!