Strange Web server log entries have been appearing with increasing frequency over the past several days. Thes have been traced to systems infected with the CODE RED worm. As usual, this system is mostly unaffected by the attacks plauging the most insecure platform on the planet WINDOWS! There is however, a Distributed Denial of Service (DDOS) impact caused by all those worm-ridden windows servers port scanning the internet for more Windows CPU's to exploit.
The log entries look similar to the following (taken from the logs from 08/02/2001:
These are designed to force a buffer overflow in the server and execute the code contained in the later part of the URL. If this is not enough to make you think twice about using WINDOWS on the internet, there is no hope for you - you will be a victim - It is only a matter of time.
These attacks are now being automatically logged separately from other errors and a web page has been developed and made available to view the current log. The administration here finds this most entertaining. The log can be found at the following URL:
