[40737] in North American Network Operators' Group
Re: cisco IOS bug/exploit?
daemon@ATHENA.MIT.EDU (Jason Slagle)
Mon Aug 20 15:39:11 2001
Date: Mon, 20 Aug 2001 15:38:43 -0400 (EDT)
From: Jason Slagle <raistlin@tacorp.net>
To: mike harrison <meuon@highertech.net>
Cc: Jim Mercer <jim@reptiles.org>,
"nanog@merit.edu" <nanog@merit.edu>
In-Reply-To: <Pine.LNX.4.10.10108201528120.10901-100000@home.highertech.net>
Message-ID: <20010820153822.H980-100000@mail.tacorp.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
Were these code red 1, or 2 infected hosts.
Do you have cmd.exe laying anywhere public?
Jason
--
Jason Slagle - CCNP - CCDP
Network Administrator - Toledo Internet Access - Toledo Ohio
- raistlin@tacorp.net - jslagle@toledolink.com - WHOIS JS10172
/"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
\ / ASCII Ribbon Campaign . Interim Team Lead - . Admin -
X - NO HTML/RTF in e-mail . Coders . wombat.dal.net
/ \ - NO Word docs in e-mail . Team Lead - Exploits . DALnet IRC Network
On Mon, 20 Aug 2001, mike harrison wrote:
>
> > starting saturday night, i noticed that snmp queries were failing to one
> > or both of the routers at various points.
>
> Saturday Night...
> Code Red I infected machines started
> flood pinging 65.161.40.42 and 65.161.40.142
> Could this have contributed to the wierdness?
>
>
>
>
>
>
