[unisog] CodeRed triggers workstation virus protection

H. Morrow Long morrow.long at yale.edu
Tue Aug 7 00:58:29 GMT 2001

Yes, I've seen this with some web pages which only had such a short sentence 
in their source.  - Morrow

Steve Bernard wrote:
> Does anyone know why browsing to an infected IIS server will trigger Norton
> Anti-Virus on the client? Have the anti-virus vendors added a signature for
> the "Hacked by Chinese" web page to help spread the word? I'm not on a
> client that is vulnerable to CR but, I keep getting the advisories as if the
> web server is trying to send the worm to my workstation. I hadn't
> encountered this before.
> Thanks,
> Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4243 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.dshield.org/pipermail/unisog/attachments/20010806/ef03d4b7/smime-0007.bin

More information about the unisog mailing list