Correct. IIRC, you only see the attempts by Code Red if you are safe
from the worm. If the worm infected your computer, you would never see
the attempts in your log file.
- Jay
-----Original Message-----
From: Bruce Sorge [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 14, 2001 9:55 PM
To: CF-Talk
Subject: Re: IIS Log Entry
But since I am patched, then I should not have anything to worry about?
----- Original Message -----
From: "tom muck" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Tuesday, August 14, 2001 8:07 PM
Subject: Re: IIS Log Entry
> It means a computer infected with Code Read virus is trying to infect
> your IIS.
>
> tom
> www.basic-ultradev.com
>
> "Bruce Sorge" <[EMAIL PROTECTED]> wrote in message
> 004301c12523$b9202820$[EMAIL PROTECTED]">news:004301c12523$b9202820$[EMAIL PROTECTED]...
> > All this talk about IIS Server logs got me to looking at my raw log
files
> instead of just having WebTrends do the looking for me, and I have
> found a very interesting entry that I do not know what it is. It is:
> > 2001-08-13 00:35:00 195.124.132.5 - 10.7.128.164 80 GET
>
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
>
NNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%uc
bd3%
>
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
