At 08:24 PM 7/30/02, you wrote: >On Tue, 30 Jul 2002 16:06:02 -0700 >James Sparenberg <[EMAIL PROTECTED]> wrote: > > > On Mon, 29 Jul 2002 13:20:52 -0700 > > Todd Lyons <[EMAIL PROTECTED]> wrote: > > > > > James Sparenberg wrote on Mon, Jul 29, 2002 at 08:50:24PM > > > -0700:> On the subject of Crackers. Note this IP block owned > > > by ATT > 12.234.0.0/24 If been getting hit heavily from there > > > by a> number > > > >Ok,,,, Found out what it is. New WinIIS virus called code blue >and it's re-spreading like wildfire ( at least in the realm of ATT >customers). Starts out checking the class C then the class B then >the class A of it's own subnet. Won't affect anyone using *nix >but it seems to already be taking down a number of University >networks. In fact it seems to be able to install itself using a >hole in the WinIIS server. *sigh*... Note to if you follow this >link it seems that it has spread through ATT before. > >http://cert.uni-stuttgart.de/archive/incidents/2001/09/msg00157.html > >James
A new virus? Not if memory serves me correctly. Code Blue has been around almost as long as code red - since last year, at the least. The URL you give is dated Sep 18, 2001 - over 10 months ago. David
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
