Anyone else seeing a rise in code red II?
Page 1 of 3 123 LastLast
Results 1 to 10 of 26

Thread: Anyone else seeing a rise in code red II?

  1. #1
    Senior Member
    Join Date
    Feb 2002
    Posts
    518

    Anyone else seeing a rise in code red II?

    It seems my blackice is going off constantly lately with ppl trying code red II attacks, also
    TONS of HTTP attacks, and code red I. It just seems like a really sharp increase lately and I was wondering if you have noticed anything similar?
    Remember -
    The ark was built by amatures...
    The Titanic was built by professionals.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Ummm.. You sure it's Code Red II and not Code Red III that was announced to exist a few days ago? Check out Incidents and they'll show you what's rising. I suspect that's its more Code Red III.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member
    Join Date
    Feb 2002
    Posts
    518
    Well I havent updated blackice in a while and it may be misinterpreting it.
    But this has been trickling for about a month, just lately (bout a week) its been worse... Ill look into it tho, thanks for that heads up
    Remember -
    The ark was built by amatures...
    The Titanic was built by professionals.

  4. #4
    Junior Member
    Join Date
    Mar 2003
    Posts
    1
    Check out Incidents and they'll show you what's rising. I suspect that's its more Code Red III.
    I am concerned about the high number or port scans for bearshare. I have searched google and couldn't find any information on an exploit, but i can't help but to wonder. All p2p programs are backdoors into your system. I wonder if someone found a way to exploit privlages with bearshare.

  5. #5
    Member
    Join Date
    Feb 2002
    Posts
    87
    I have noticed a major increase of scanning activity in the last two days. I believe they are attributed to the latest variant of the Code Red virus and possibly the Deloder worm. I could be wrong though.



    ccKid

  6. #6
    Senior Member
    Join Date
    Oct 2001
    Posts
    638
    It seems my blackice is going off constantly lately with ppl trying code red II attacks, also
    TONS of HTTP attacks, and code red I. It just seems like a really sharp increase lately and I was wondering if you have noticed anything similar?
    My firewall IDS has logged a lot more HTTP attacks over the last week. Mainly Code Red and IIS scans. This is almost definitely because of the lastest worms.
    OpenBSD - The proactively secure operating system.

  7. #7
    Now, RFC Compliant! Noia's Avatar
    Join Date
    Jan 2002
    Posts
    1,210
    I'v been gettinc connection attempts from all over on port 35072, can any one confirm this? I havn't been able to figure out wot the port does, I'v checked a bunch of different lists but nada has turned up.....oh well....

    - Noia
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.

  8. #8
    Now, RFC Compliant! Noia's Avatar
    Join Date
    Jan 2002
    Posts
    1,210
    I'v been gettinc connection attempts from all over on port 35072, can any one confirm this? I havn't been able to figure out wot the port does, I'v checked a bunch of different lists but nada has turned up.....oh well....

    - Noia
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.

  9. #9
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    From what I'm seeing, the target port for this version of Code Red is still port 80.
    I'm not sure what's hitting you Noia.

    Cheers:
    DjM

  10. #10
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    From what I'm seeing, the target port for this version of Code Red is still port 80.
    I'm not sure what's hitting you Noia.

    Cheers:
    DjM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides