Re: Code red

2001-08-20 Thread Daniel Chenault
EVERYTHING gets logged. - Original Message - From: "Chris Haaker" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Monday, August 20, 2001 12:29 PM Subject: Re: Code red > This appears in my log just once: > > 2001-08-20

Re: Code red

2001-08-20 Thread Daniel Chenault
The logfiles show the _attempt_ to infect. Symantec's scanner is broken. - Original Message - From: "Chris Haaker" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Monday, August 20, 2001 12:12 PM Subject: Re: Code red &

RE: Code red

2001-08-20 Thread Tom Meunier
ng List > Conversation: Code red > Subject: Re: Code red > > > How do you tell the diff? > > - > I was thinking about how people seem to read the Bible a > whole lot more as > they get older

Re: Code red

2001-08-20 Thread Chris Haaker
... - - Original Message - From: "Martin Blackstone" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Monday, August 20, 2001 1:31 PM Subject: RE: Code red > That is just the attempt. > Besides, isn't code red asleep right

Re: Code red

2001-08-20 Thread Chris Haaker
David" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Monday, August 20, 2001 1:16 PM Subject: RE: Code red > But he's apparently seeing it in the logs as well. > Chris, What do the w3svc logs say? Is the attack successful or n

RE: Code red

2001-08-20 Thread Martin Blackstone
That is just the attempt. Besides, isn't code red asleep right now? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chris Haaker Sent: Monday, August 20, 2001 10:29 AM To: Exchange Discussions Subject: Re: Code red This appears in my log just

RE: Code red

2001-08-20 Thread Dunn, Nancy
onday, August 20, 2001 1:08 PM To: Exchange Discussions Subject: RE: Code red You may also want to install the "roll up" IIS hotfix now out. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur ity/bulletin/MS01-044.asp -Original Message- From: [EMAIL PRO

Re: Code red

2001-08-20 Thread Chris Haaker
t; <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Monday, August 20, 2001 1:16 PM Subject: RE: Code red > But he's apparently seeing it in the logs as well. > Chris, What do the w3svc logs say? Is the attack successful or not? > You ca

RE: Code red

2001-08-20 Thread Martin Blackstone
August 20, 2001 10:02 AM To: Exchange Discussions Subject: RE: Code red Get rid of the Symantec scanner. My dead grandma has a better chance of telling you accurately whether you have Code Red. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Haaker Se

RE: Code red

2001-08-20 Thread Joe Pochedley
ons Subject: RE: Code red have you applied the security patch? > -Original Message- > From: Chris Haaker [SMTP:[EMAIL PROTECTED]] > Sent: Monday, August 20, 2001 10:56 AM > To: Exchange Discussions > Subject: OT: Code red > > anyone have an idea that has been

RE: Code red

2001-08-20 Thread Andy David
MCSE [mailto:[EMAIL PROTECTED]] Sent: Monday, August 20, 2001 1:02 PM To: Exchange Discussions Subject: RE: Code red Get rid of the Symantec scanner. My dead grandma has a better chance of telling you accurately whether you have Code Red. -Original Message- From: [EMAIL PROTECTED] [m

Re: Code red

2001-08-20 Thread Chris Haaker
... - - Original Message - From: "Bill Kuhn - MCSE" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Monday, August 20, 2001 1:02 PM Subject: RE: Code red Get rid of the Symante

Re: Code red

2001-08-20 Thread Chris Haaker
... - - Original Message - From: "Fabrig, Amado" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Monday, August 20, 2001 1:01 PM Subject: RE: Code red > have you applied the security patch? > > > -Original Message- &

RE: Code red

2001-08-20 Thread Bill Kuhn - MCSE
Get rid of the Symantec scanner. My dead grandma has a better chance of telling you accurately whether you have Code Red. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Haaker Sent: Monday, August 20, 2001 11:56 AM To: ExchangeList@swynk Subject: O

RE: Code red

2001-08-20 Thread Fabrig, Amado
have you applied the security patch? > -Original Message- > From: Chris Haaker [SMTP:[EMAIL PROTECTED]] > Sent: Monday, August 20, 2001 10:56 AM > To: Exchange Discussions > Subject: OT: Code red > > anyone have an idea that has been working with code red? > > I have a win2k serv