Date: Thu, 20 Sep 2001 08:04:14 -0700 (PDT) From: David Kirchner <davidk@accretivetg.com> To: Dennis Mathiasen <dennis@borg.com> Cc: <security@FreeBSD.ORG> Subject: RE: NIMDA Virus (OT) Message-ID: <20010920080301.W85958-100000@localhost> In-Reply-To: <NFBBLPGAMKGJPAINGIJKGEOJCGAA.dennis@borg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
That's a standard web page for an IIS server, I believe - Not actually owned by Microsoft itself. Their servers are in the 207.46 block. I haven't seen any hits from them this time. I saw *tons* from them during Code Red, though. I'm sure they took the lame approach to security though, and set up a firewall, this one to block outbound port 80 requests. On Thu, 20 Sep 2001, Dennis Mathiasen wrote: > > Also, another M$ site: 216.1.23.10 a page about the NT 4.0 Option pack is > infected. > > Sounds like a news story to me. :) > > > Fyi, in case anyone hasn't noticed, Microsoft's Frontpage site > > `http://www.microsoft.com/frontpage has been infected. > > > > wget -q http://www.microsoft.com/frontpage; tail index.html > > > > (assuming it hasn't been fixed yet) > > This has been fixed now. > > Dennis Mathiasen > dennislm@dreamscape.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010920080301.W85958-100000>