ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Code Red still at IETF 52 ?

2001-12-10 10:30:03
from [a . saha] [Permanent Link] 
It seems that we still have some code red attacks coming into the
IETF 52 network.  Does 12.234.20.53 happen to be a machine owned
by Novell ?

Dec 10 21:57:13 voojagig tcpsuck[1110]: Data from UNKNOWN (12.234.20.53)
port 4774 to http (port 80)
Dec 10 21:57:13 voojagig tcpsuck[1110]:    0- 47455420 2f736372 69707473
2f726f6f     GET /scripts/roo
Dec 10 21:57:13 voojagig tcpsuck[1110]:   16- 742e6578 653f2f63 2b646972
20485454     t.exe?/c+dir HTT
Dec 10 21:57:13 voojagig tcpsuck[1110]:   32- 502f312e 300d0a48 6f73743a
20777777     P/1.0..Host: www
Dec 10 21:57:13 voojagig tcpsuck[1110]:   48- 0d0a436f 6e6e6e65 6374696f
6e3a2063     ..Connnection: c
Dec 10 21:57:13 voojagig tcpsuck[1110]:   64- 6c6f7365 0d0a0d0a

-- 
/amlan
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: End-to-End vision. Is it visionary ?, Lionel Gauliardon
Next by Date:  FAQ on RDMA available, allyn
Previous by Thread:  ITU CDs are on the way, Ostap Monkewich
Next by Thread:  Re: Code Red still at IETF 52 ?, Steven M. Bellovin
Indexes:  [Date] [Thread] [Top] [All Lists]