[Dshield] I rejoined the list...

Manuel Lanctot pacu at sympatico.ca
Sun Oct 20 00:57:58 GMT 2002

On Saturday 19 October 2002 06:47 pm, John Draper wrote:
> CODE RED - A lot of people on this list have been reporting a huge increase
> in Code Red attampts on port 80.
> Earlier today,   i port mapped an OpenBSD box to a specific machine on our
> internal network - to help me solve an apache problem.   Seems that Apache
> had done some things that aren't making people very happy,   so I had to
> allow a friend to get on the box to help me,  and I needed to open up port
> 80 for testing.   Within 8 seconds of opening port 80,   WHAM!  we started
> getting code red attacks...   BOY!   These people in Asia must be super
> busy...
> John

I get a few Code Red probes everyday, but that doesn't beat the 200+ probes 
on port 4156 (Linux Slapper variant). Most of these are coming from Italy, 
Asia (Taiwan/Japan) and people using the same ISP as me (Bell Sympatico).

Manuel Lanctot
PACU Communications

More information about the list mailing list