[lug] Code Rainbow: New attack, MUCH nastier...
John Starkey
jstarkey at advancecreations.com
Tue Sep 18 13:49:05 MDT 2001
root.exe and cmd.exe in apache's error_log is what I was looking at.
Thus spake Warren Sanders (sanders at MontanaLinux.Org):
> On Tue, 18 Sep 2001, John Starkey wrote:
>
> > Date: Tue, 18 Sep 2001 12:52:22 -0600
> > From: John Starkey <jstarkey at advancecreations.com>
> > Reply-To: lug at lug.boulder.co.us
> > To: lug at lug.boulder.co.us
> > Subject: Re: [lug] Code Rainbow: New attack, MUCH nastier...
> >
> > > Starting at around 7am mountain time this morning (you know, exactly a week
> > > from last Tuesday at 9am eastern time) a new Code-Red-like worm has started
> > > pounding the heck out of the network. It's interesting to note that there
> > > wasn't really a ramp-up time, at 7:20am or so mountain time we just
> > > suddenly started getting pounded on at around 40KB/sec. New, around 2.5
> > > hours later it's up to 60KB/sec.
> >
> > I just checked my logs.... same thing. 7:19 am and 5000 hits since.
> >
> > John
>
> What key words are you searching for with this new rainbow worm?
>
> --
> Warren Sanders
> http://MontanaLinux.Org
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
--
John Starkey
ColoradoParks.net
Advance Creations
More information about the LUG
mailing list