RE: new worm going around?

• From: "Nick Chadwick" <nick@xxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 18 Sep 2001 16:49:51 +0100

Yes, my ISA server is being hit by it. Every 10 minutes or so, it's being hit 
50 times in a matter of seconds.

Nick Chadwick
Development & Technical Support Manager
Comsoft Limited, UK
Tel: +44-(0)20-8240-4452  Fax: +44-(0)20-8240-4449  Mobile: +44-(0)7740-362408
Email: nick@xxxxxxxxxxxxxx <mailto:nick@xxxxxxxxxxxxxx>
Web: http://www.comsoft.ltd.uk/


-----Original Message-----
From: Shayne Lebrun [mailto:slebrun@xxxxxxxxxxx]
Sent: 18 September 2001 16:36
To: [ISAserver.org Discussion List]
Subject: [isalist] new worm going around?


http://www.ISAserver.org


http://slashdot.org/article.pl?sid=01/09/18/151203&mode=nested

Anybody else seeing this?  Lots of attacks on various places cmd.exe
might be.

ISA Snippity-snippit

207.175.201.20  anonymous       -       N       2001-09-18      13:33:53
W3ReverseProxy  GATEKEEPER      -       www     -       -       -
70      -       -       TCP     GET     http://www/MSADC/root.exe?/c+dir
-       -       12202   0x0     Default rule    -


Shayne Lebrun
Senior Systems Administrator
Veredex Logistics
slebrun@xxxxxxxxxxx
Office: (905) 282-1515 x 242
Pager: page_shayne@xxxxxxxxxxx

Think your network might have Code Red?  Find those pesky root.exe files
with Root Finder: http://www.tangozone.com/slebrun/downloads.tml

From a Sun Microsystems bug report (#4102680):
"Workaround: don't pound on the mouse like a wild monkey."

Want to hold up a bank in Latin?
"Catapultam habeo. Nisi pecuniam omnem mihi dabis, ad caput tuum saxum
immane mittam."
(I have a catapult. Give me all the money, or I will fling an enormous
rock
at your head.)

"Lawyers are like chemical weapons.  Everybody gets screwed if they're
let
out."
 

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
nick@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


**********************************************************************
Disclaimer: This e-mail contains proprietary information some or all
of which may be legally privileged. It is for the intended recipient
only. If an addressing or transmission error has misdirected this
e-mail, please notify the author by replying to this e-mail and then
permanently delete the message from your computer. If you are not the
intended recipient you must not use, disclose, distribute, copy, print
or rely on the e-mail.

The opinion expressed in this Email is that of the author and not 
necessarily that of Comsoft Limited.

While attachments are virus checked, Comsoft Limited do not accept any
liability in respect of a virus which is not detected.
**********************************************************************

Other related posts:

• » new worm going around?
• » RE: new worm going around?
• » RE: new worm going around?
• » RE: new worm going around?
• » RE: new worm going around?
• » RE: new worm going around?
• » RE: new worm going around?
• » RE: new worm going around?

1. Home
2. isalist
3. Archive
4. 09-2001

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---