North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Code Red 2 cleanup; reporting..

  • From: mike harrison
  • Date: Fri Aug 10 00:15:58 2001

> FWIW, I just tried to telnet to the 20 most recent hosts I got Code Red II 
> probes from, and didn't get a shell prompt on any of them. Are people 
> cleaning up their boxes that quickly?

I have been told, but not personally conformed confirmed of non IIS
machines being infected with CodeRed (I or II not known, assume II).
Infection method: running an file from somewhere? They still scan out
and seek victims, just no webserver running.