code red---- on system that is already (and has been) patched
From: Sandy Ryan (sryan@seewolf.com)
Date: 03/03/03
- Previous message: Chris Davis: "host header names as security devices"
- Next in thread: Mike Heitz: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Mike Heitz: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Kurt Keys: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Levinson, Karl: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Dill, Stephen: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Mike Heitz: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Sandy Ryan: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Dimitri Limanovski: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Mike Alexander: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Dill, Stephen: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Chris Davis: "RE: code red---- on system that is already (and has been) patched"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 3 Mar 2003 16:47:00 -0000 From: Sandy Ryan <sryan@seewolf.com> To: focus-ms@securityfocus.com('binary' encoding is not supported, stored as-is)
well - I doubt that the log is right - because I think the 200 implies
that its not infected - by when my customer sees his report - and path
taken through the site he sees worm.com
here's the log (simplified to get through the moderator)
GET /default.ida
NN----NN%u9090%u6858%ucbd3%u7801...%u9090%u9090%u8190%u00c3%u0003%u8b00%
u531b%u53ff%u0078%u0000%u00=a 200 0 206 4039 266 HTTP/1.0 [you know the
url]- - -
- Previous message: Chris Davis: "host header names as security devices"
- Next in thread: Mike Heitz: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Mike Heitz: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Kurt Keys: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Levinson, Karl: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Dill, Stephen: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Mike Heitz: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Sandy Ryan: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Dimitri Limanovski: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Mike Alexander: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Dill, Stephen: "RE: code red---- on system that is already (and has been) patched"
- Maybe reply: Chris Davis: "RE: code red---- on system that is already (and has been) patched"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
