[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Code red II propagation.
- To: linux-il(at-nospam)linux.org.il
- Subject: Code red II propagation.
- From: Yotam Rubin <yotam(at-nospam)makif.omer.k12.il>
- Date: Sun, 5 Aug 2001 16:34:52 +0300
- Delivered-To: linux.org.il-linux-il@linux.org.il
- Mail-Followup-To: linux-il@linux.org.il
- Sender: linux-il-bounce(at-nospam)cs.huji.ac.il
- User-Agent: Mutt/1.3.15i
Greetings,
With the new worm out there, also known as Code Red II it is very
easy to determine which hosts in Israel are infected. Just for the sake
of gloating, I've provided the following list of infected hosts in Israel:
(Obviously, this is far from definitive, this is only what appears in my logs)
192.117.120.98
192.117.135.213
192.117.138.34
192.117.138.36
192.117.140.211
192.117.150.250
192.117.153.52
192.117.160.35
192.117.166.25
192.117.169.195
192.117.172.214
192.117.188.211
192.117.188.245
192.117.234.165
192.117.234.185
192.117.234.191
192.117.234.232
192.117.234.240
192.117.234.91
I think we can determine the approximate number of infected hosts in Israel
with enough data, what are you seeing?
Oh yeah, BTW, the new worm also leaves a nice little trojan on the infected
host so any little script kiddie can just grep his logs and find machines
to abuse.
Regards, Yotam Rubin
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il