[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Fw: CodeRedII worm..

To: <linux-india-general@xxxxxxxxxxxxxxxxxxxxx>, <linux-india-help@xxxxxxxxxxxxxxxxxxxxx>, <linux-delhi@xxxxxxxxxxxxxxxxxxxxx>, <fsf-india@xxxxxxxxxx>
Subject: Fw: CodeRedII worm..
From: "Mathias Koerber" <mathias@xxxxxxxxxxx>
Date: Tue, 7 Aug 2001 08:54:20 +0800
Reply-to: "Mathias Koerber" <mathias@xxxxxxxxxxx>

-----Original Message-----
From: Valdis.Kletnieks@xxxxxx <Valdis.Kletnieks@xxxxxx>
To: nanog@xxxxxxxxx <nanog@xxxxxxxxx>; bugtraq@xxxxxxxxx
<bugtraq@xxxxxxxxx>; incidents@xxxxxxxxx <incidents@xxxxxxxxx>
Date: Sunday, August 05, 2001 4:30 PM
Subject: CodeRedII worm..

|
|Given that initial analysis of the CodeRedII worm indicates that it leaves
|a backdoor laying around, I hereby request that those people who made
|lists of infected hosts available last time *NOT* do so again.
|
|Although said lists *were* helpful in the analysis and study of the worm's
|tactics, the benefits are certainly outweighted by the fact that the new
|worm creates a known backdoor.  I'm certain that both the CodeRedII author
|and other black hats would love for us to compile a list of afflicted hosts
|for them to use.
|
|So please everybody - if you're sending IP's in to be added to a table,
|make sure you're sending them to a white hat, not to a black hat who's
|managed to social-engineer you.  If you're a white had compiling a list,
|make sure the guy's hat is at least a light grey before you give them
|a copy. ;)
|
| Valdis Kletnieks
| Operating Systems Analyst
| Virginia Tech
|

Prev by Subject: CDROM prob
Next by Subject: cookies
Previous by thread: ARIS worm notification
Next by thread: ARIS -- Oops!
Index(es):
- Subject
- Thread