Apparently there's a new worm in town... Code Red II... that's a brand new worm, which appeared on the scene sometime Saturday.

http://grc.com/codered/codered.htm

Like the original Code Red, it's a worm that's a "Windows thing"... :rolleyes:

yeah - It sends the following request to a server:

***.**.**.** - - [04/Aug/2001:20:20:26 -0400] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858% ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%uc bd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531 b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 282 "-" "-"

Notice the gratuitous X's instead of N's...Of course, Apache just laughs back with a 404!

The best thing I have heard is all those idiots out there who pirated Windows that they pirated "Windows 2000 Server" and not "Windows 2000 Workstation", and there has been cases where these muppets have phoned up MS all stating the same serial number....!

Remember Linux condoms are great for stopping Microsoft transmitted diseases.

Originally posted by Studio-51
yeah - It sends the following request to a server:

***.**.**.** - - [04/Aug/2001:20:20:26 -0400] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858% ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%uc bd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531 b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 282 "-" "-"

Notice the gratuitous X's instead of N's...Of course, Apache just laughs back with a 404!

The best thing I have heard is all those idiots out there who pirated Windows that they pirated "Windows 2000 Server" and not "Windows 2000 Workstation", and there has been cases where these muppets have phoned up MS all stating the same serial number....!

Remember Linux condoms are great for stopping Microsoft transmitted diseases.

i have seen the Xs in my error log yesterday :eek:

Hello

What are exact results of being hacked by this RED?

Regards,
Mac

Originally posted by sarmadys
What are exact results of being hacked by this RED?


http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0108&L=ntbugtraq&D=0&F=P&P=279

for 2 days now.

This virus dosent seem do be able to differentiate an OS before it has a try.

Originally posted by Cyberpunk
This virus dosent seem do be able to differentiate an OS before it has a try.

erm, that is an interesting concept, a worm that is psycic;) like that is its scan + test for what OS it is...two for the price of one :)