[Snort-users] Not CodeGreen

bthaler at ...2720... bthaler at ...2720...
Tue Sep 18 12:43:02 EDT 2001


For everyone's information:

The inordinate amount of traffic you're most likely seeing today is almost surely NOT CodeGreen.

CodeGreed was developed as a way to patch server infected with CodeRed.  What you are most likely
seeing is in fact "nimda" which by all accounts seems like the last 3 or 4 big IIS exploits
(CodeRed, Unicode, et all) rolled up into one big exploit.

Again, this is most likely NOT CodeGreen, even though some have referred to it as that.

BTW, my Snort-1.7MySQL database has surpassed 1,000,000 records just today, and is still going
strong.  Hows that for scaleability, baby?

I run Snort-Win32 on one NT SMP machine, and the database from another machine, so the load gets
balanced.

Hats off to Martin R, et all.

Regards,
Brad T.





More information about the Snort-users mailing list