Topics
Tags
Favorite Links
Translate
Pick Your Language
Security Books
Archives
Recent entries...
Twitter
Sponsored Ads
Popular Pages
Sponsored Ads
The Web Security Mailing List

« The Worm that won't die | Main | Htaccess Tutorial Part 3 released »

Code Red Part 3: Backdooring your IIS machine

Yet another variant of Code Red worm has come
out that not only exploits you but backdoors
your webserver. It creates a file called root.exe
which is really a copy of your cmd.exe file. This
will allow a attacker to execute commands on your 
machine with complete control. This can also allow
people to commit large scale ddos attacks with ease.

It is VERY IMPORTANT to patch if you haven't already.
Please visit the links below for some further information.

theregister.co.uk
Incidents.org
Code Red Request log examples(Look at attack signatures)

Posted by Robert A. on 08/06/2001 in Incidents , IndustryNews , Worms | Permalink | Reddit

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!


Post a comment







Remember personal info?


Copyright 2000-2009 CGISecurity.com | Privacy Policy| java mailing list| resolve ip| Mailing Lists | Sony deals