[unisog] Rash of IIS exploits

Brian Reilly reillyb at georgetown.edu
Thu Apr 24 22:10:56 GMT 2003

On Thu, 24 Apr 2003, Phillip G Deneault wrote:

> In the last three days I've gotten a new rash of hacks via IIS
> exploits(about a dozen).  This is much higher ratio than normal(about one
> a month).  Has anyone else seen an increase in hacked hosts?

We see a steady stream of IIS attacks, and vulnerable IIS boxes tend to
have a lifetime of < 1 day before they're compromised.  Do you have any
data to suggest whether the exploits indicate an increase in attacks or
rather an increase in the number of new vulnerable hosts (e.g. unpatched
NT/2000 full installs) being placed in your network?


Brian Reilly, CISSP
University Network Security Officer
Georgetown University Information Services
<reillyb at georgetown.edu>
+1 202.687.2775

More information about the unisog mailing list