RE: CodeRed Observations. ##

From: Rob Shein (shoten@starpower.net)
Date: 03/18/03

Next message: Robinson, Jonathon: "RE: SPM2000$ Rouge Share"

Previous message: Robinson, Jonathon: "RE: SPM2000$ Rouge Share"
In reply to: root: "RE: CodeRed Observations. ##"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Rob Shein" <shoten@starpower.net>
To: "'root'" <root@ns1.transurban.com.au>, <incidents@securityfocus.com>, <incidents@securityfocus.com>
Date: Tue, 18 Mar 2003 14:45:31 -0500

Ah, but that's the entry that EVERYONE is mentioning, and there are no
others. Doesn't it seem odd that such a specific and peculiar behavior
characteristic of IIS would be SO unmentioned if it were real?

> -----Original Message-----
> From: root [mailto:root@ns1.transurban.com.au]
> Sent: Monday, March 17, 2003 11:14 PM
> To: incidents@securityfocus.com; incidents@securityfocus.com
> Subject: RE: CodeRed Observations. ##
>
>
>
> Subject: RE: CodeRed Observations.
> MIME-Version: 1.0
> Content-Type: text/plain;
> charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
> Date: Fri, 14 Mar 2003 13:52:40 -0500
> X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0
> Message-ID:
> <D49508FE6BCE104A8D152CC97D4E2F0E6963FD@mail.langleyfcu.org>
> X-MS-Has-Attach:
> X-MS-TNEF-Correlator:
> Thread-Topic: CodeRed Observations.
> Thread-Index: AcLqWuPHlTcxQEoxTAGjH0dy9wj9lQ==
> From: "King, Brian" <BKing@langleyfcu.org>
> To: <incidents@securityfocus.com>
>
> Heres the article that I read about IIS and IE interactions:
> http://grotto11.com/blog/slash.html?+> 1039831658 . Besides
> quicker propagation, not using a
> handshake would allow spoofed IPs so that it would be harder
> to track down and fix. Brian
>
> --------------------------------------------------------------
> --------------
>
> <Pre>Lose another weekend managing your IDS?
> Take back your personal time.
> 15-day free trial of StillSecure Border Guard.</Pre>
> <A href=3D"http://www.securityfocus.com/stillsecure">
> http://www.securityfocus.com/stillsecure </A>
>
>
> .
>
>
> --------------------------------------------------------------
> --------------
>
> <Pre>Lose another weekend managing your IDS?
> Take back your personal time.
> 15-day free trial of StillSecure Border Guard.</Pre>
> <A href="http://www.securityfocus.com/stillsecure">
> http://www.securityfocus.com/stillsecure </A>
>
>

----------------------------------------------------------------------------

<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>

Next message: Robinson, Jonathon: "RE: SPM2000$ Rouge Share"

Previous message: Robinson, Jonathon: "RE: SPM2000$ Rouge Share"
In reply to: root: "RE: CodeRed Observations. ##"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]