RE: default.ida?

Richard Kuryk Fri, 03 Aug 2001 03:11:18 -0700
Your system is "Patched! NT 4 system" According to the code red scanner.

Rich

-----Original Message-----
From: Edward Chanter [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 02, 2001 10:50 AM
To: CF-Talk
Subject: RE: default.ida?


193.122.20.5 - Production
193.122.20.8 - Development

Why?



> -----Original Message-----
> From: Tangorre, Mike [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 02, 2001 3:34 PM
> To: CF-Talk
> Subject: RE: default.ida?
>
>
> whats yur ip?  :-)
>
>
> Michael T. Tangorre
> --------------------------------------------
> Web Applications Developer
> Office Phone: 703-558-4746
> Cellular Phone: 607-426-9277
> AIM: CrazyFlash4
> Personal Email: [EMAIL PROTECTED]
> Work Email: [EMAIL PROTECTED]
> School Email: [EMAIL PROTECTED]
> --------------------------------------------
> This Email contains MillenniuM Information
> Systems, LLC Privileged Information which
> is Customer or Business Sensitive.
> --------------------------------------------
>
>
> -----Original Message-----
> From: Edward Chanter [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 02, 2001 10:32 AM
> To: CF-Talk
> Subject: RE: default.ida?
>
>
> > -----Original Message-----
> > > I don't actually think it's hysteria mate, do you want to see
> > > a copy of my
> > > IDS logs????
> >
> > Not really, no. They tend to be boring and full of kidz getting 404's.
>
> :-) I did say IDS logs though, they filter out all the crap and
> only show me
> the ISAPI Extension Overflow errors.....
>
> > > There are a large number of attacks going on as
> > > I write this
> >
> > Woo-wee - where have you been ? An ongoing scan of your system is
> > a *FACT OF
> > LIFE* for a system on the internet.
> > My dial-up gateway at home gets scanned !
>
> Tell me about it, then again, my server very rarely blocks anyone, so far
> today it's implemented over  300 24 bans on various IP addresses
> in the last
> 12 hours..... That is unusual.....
>
> > > and anyone running an unpatched/unprotected IIS server needs
> > > to do something
> > > about it asap.
> >
> > No, anyone running an unpatched/unprotected IIS server on a
> public network
> > needs to fired, as their not doing their job. The patch was all
> > over BugTraq
> > et al. well before Code Red was released.
>
> Agreed!
>
> > But, if you look at the domains from which these scans originate,
> > most have
> > no reverse look-up, or are from ISP's like @home <shrug> and
> > those are just
> > the people who wont care, because Code Red version 2 is non
> destructive to
> > the local machine.
>
> Lot's of Chinese, Japanese, Koreans, Mexicans and a few US and EU academic
> one's as well...... There are even some coming in as 0.0.0.0
>
> I have had a few responses from some of the ones  I thought would take
> action, some very sheepish IISadmins out there :-)
>
> We're averaging a new attempt every minute or so....
>
>       -= Ed
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: default.ida?

Reply via email to
