On Thu, 19 Jul 2001, Mike Brockman wrote:
> >From what i read about the 'Code Red'-worm, it was supposed to be scanning
> for IIS-servers. It obviously is'nt, i believe it tries to infect
> everything they find on port 80, or something as simple as that.
>
Run nc -l -p 80 > worm, and you'll get a copy. It's not scanning
in any sense, it just tries a connect, and sends the string.
Ryan
- 'Code Red' does not seem to be scanning for IIS Mike Brockman
- RE: 'Code Red' does not seem to be scanning fo... Marc Maiffret
- RE: 'Code Red' does not seem to be scannin... Emre Yildirim
- Re: 'Code Red' does not seem to be scanning fo... Ethan Butterfield
- Re: 'Code Red' does not seem to be scannin... daniel uriah clemens
- RE: 'Code Red' does not seem to be scanning fo... Ryan Russell
- RE: 'Code Red' does not seem to be scanning fo... Kelly Martin
- Re(2): 'Code Red' does not seem to be scan... Ken Eichman
- RE: 'Code Red' does not seem to be scannin... Duncan Hill
- Re: 'Code Red' does not seem to be sca... Stephen Cimarelli
- RE: 'Code Red' does not seem to be scanning fo... Tony Langdon
- Re: 'Code Red' does not seem to be scanning fo... George William Herbert
