On Sun, 5 Aug 2001, Les Mikesell wrote:
The descriptions I've seen indicate that it has a flaw in
the attempt to pick random targets.
That was only the first version of Code Red I, Code Red II
(which is the one that is scanning in your neighborhood (close
netblocks)) doesn't have that flaw.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
At 4:17 PM -0500 8/5/01, Les Mikesell wrote:
The descriptions I've seen indicate that it has a flaw in
the attempt to pick random targets. It always uses the
same seed so every instance runs through the same addresses
in the same order. That means
About 80% of the Code Red probes I get leave the message Client sent
malformed header in my error_log. Just curious if others are seeing this?
At 10:00 AM 8/5/01, Reuven M. Lerner wrote:
Alessio Bragadini writes:
Alessio The problem I see: is this module sending out a message
Alessio every time, resulting to multiple messages to the same
Alessio web/postmaster?
Alessio My fear is that we substitute a virus with another...
(and that it
is almost sure to be re-infected if the patch has not been applied).
Les Mikesell
[EMAIL PROTECTED]
- Original Message -
From: Todd Finney [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, August 05, 2001 9:51 AM
Subject: Re: Module to catch (and warn about) Code Red
I