On Tue, 30 Jul 2002 16:06:02 -0700 James Sparenberg <[EMAIL PROTECTED]> wrote:
> On Mon, 29 Jul 2002 13:20:52 -0700 > Todd Lyons <[EMAIL PROTECTED]> wrote: > > > James Sparenberg wrote on Mon, Jul 29, 2002 at 08:50:24PM > > -0700:> On the subject of Crackers. Note this IP block owned > > by ATT > 12.234.0.0/24 If been getting hit heavily from there > > by a> number > > Ok,,,, Found out what it is. New WinIIS virus called code blue and it's re-spreading like wildfire ( at least in the realm of ATT customers). Starts out checking the class C then the class B then the class A of it's own subnet. Won't affect anyone using *nix but it seems to already be taking down a number of University networks. In fact it seems to be able to install itself using a hole in the WinIIS server. *sigh*... Note to if you follow this link it seems that it has spread through ATT before. http://cert.uni-stuttgart.de/archive/incidents/2001/09/msg00157.html James
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com