[tus] Re: [iwar] Code Red worm

From: Kevin Manson (unhprofessor@hotmail.com)
Date: 2001-07-20 06:30:56


Return-Path: <sentto-342715-1594-995635895-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 20 Jul 2001 06:33:07 -0700 (PDT)
Received: (qmail 15429 invoked by uid 510); 20 Jul 2001 12:34:22 -0000
Received: from n8.groups.yahoo.com (216.115.96.58) by 204.181.12.215 with SMTP; 20 Jul 2001 12:34:22 -0000
X-eGroups-Return: sentto-342715-1594-995635895-fc=all.net@returns.onelist.com
Received: from [10.1.4.52] by fk.egroups.com with NNFMP; 20 Jul 2001 13:31:38 -0000
X-Sender: unhprofessor@hotmail.com
X-Apparently-To: tus2@egroups.com
Received: (EGP: mail-7_2_0); 20 Jul 2001 13:31:34 -0000
Received: (qmail 82539 invoked from network); 20 Jul 2001 13:30:56 -0000
Received: from unknown (10.1.10.27) by m8.onelist.org with QMQP; 20 Jul 2001 13:30:56 -0000
Received: from unknown (HELO hotmail.com) (216.33.237.82) by mta2 with SMTP; 20 Jul 2001 13:30:56 -0000
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Fri, 20 Jul 2001 06:30:56 -0700
Received: from 199.196.144.12 by lw7fd.law7.hotmail.msn.com with HTTP;	Fri, 20 Jul 2001 13:30:56 GMT
X-Originating-IP: [199.196.144.12]
To: iwar@yahoogroups.com
Bcc: 
Message-ID: <F82iOa7ddhlHs46tfUD0000184f@hotmail.com>
X-OriginalArrivalTime: 20 Jul 2001 13:30:56.0337 (UTC) FILETIME=[34AB9410:01C11120]
From: "Kevin Manson" <unhprofessor@hotmail.com>
Mailing-List: list tus2@yahoogroups.com; contact tus2-owner@yahoogroups.com
Delivered-To: mailing list tus2@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:tus2-unsubscribe@yahoogroups.com>
Date: Fri, 20 Jul 2001 09:30:56 -0400
Reply-To: tus2@yahoogroups.com
Subject: [tus] Re: [iwar] Code Red worm
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

And, hence, our call for "Building the Cyber Civil Defense Corps" in our 
Black Hat Briefings 2001 Keynote address last week in Las Vegas (Bill Tafoya 
and Kevin Manson). Thanks, Fred for your long-standing dedication to 
protection and defense of the "Matrix" (with apologies to John Quartermann).

Kevin Manson

++++++++++++++++++++ SIG ++++++++++++++++++++++
"The 'Elite' are not those who attack and wreak
damage in cyberspace, they are, rather, those
who are dedicated to its defense."
http://all.net/cybercop/Files/bio.htm
Supercomputing for Public Safety
"A Spare CPU Cycle is a Terrible Thing to Waste"
+++++++++++++++++++++++++++++++++++++++++++++++



----Original Message Follows----
From: Gary Warner <gar@askgar.com>
Reply-To: iwar@yahoogroups.com
To: iwar@yahoogroups.com
Subject: [iwar] Code Red worm
Date: Fri, 20 Jul 2001 04:21:30 -0700

My recent paper "Privacy vs. Protection" discussed the fact that
hundreds of thousands of insecure computers are lying around the
Internet waiting to be used as agents of attack.  Well, friends, it has 
happened in a big way.  Code Red.

We are seeing tens of thousands of Code Red attacks on large networks.
Even networks as small as 6 nodes are detecting hundreds of attacks.
Every network on which we are running detection is seeing at least 10
attacks per IP.  Not bad for a worm that attacks by using a random
number generator to pick its targets.

As the night has progressed the attacks on our networks have seemed to
ease off.  We'll see what the morning brings, but I am quite honestly
expecting to see the number reach a half million infected servers.

For some observations we made, see:

http://www.harshtruth.com/warnings.html




_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


Community email addresses:
  Post message: tus@onelist.com
  Subscribe:    tus-subscribe@onelist.com
  Unsubscribe:  tus-unsubscribe@onelist.com
  List owner:   tus-owner@onelist.com

Shortcut URL to this page:
  http://www.onelist.com/community/tus 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:37 PDT