[CLUG-chat] What is "default.ida"
gary at evalunet.co.za
Mon Jun 9 14:03:31 SAST 2003
gives as the first two results
Apache Week. Code Red requests for /default.ida
... First published: 17th August 2001. Code Red requests for /default.ida.
We receive a large number of messages from system administrators ...
www.apacheweek.com/features/codered - 14k - Cached - Similar pages
default.ida - short info
Code Red, the "default.ida" based worm. ... This worm doesn't have any link
Pro itself, it uses an vulnerability called "default.ida" in Microsoft IIS .
www.datarescue.com/fprot/virinfo/defaultida.htm - 10k - Cached - Similar
Which would make it seem to be some silly person who still has the Code Red
worm running on their machine.
----- Original Message -----
From: "Mike Morris" <mike.morris at cocosoft.co.za>
To: <clug-chat at clug.org.za>
Sent: Monday, June 09, 2003 11:22 AM
Subject: [CLUG-chat] What is "default.ida"
> Lately I've had a bunch of attempts to GET a file called "default.ida"
> from my webserver. Seems to be an IIS thing and somebody(bodies) trying
> to crack or otherwise hammer on the server.
> Just curious to know what this "default.ida" file is supposed to
> do/contain, and any suggestions for attaching something nasty to/in
> it... ;-)
> mike morris
> cOcO software
> email: mike.morris (at) cocosoft . co . za
> mike.morris (at) coco-technologies . co . za
> ph: (Local) 044 388 4635
> (Int'l) +27 44 388 4635
> ----- A day without chillies is a day wasted ------
More information about the Clug-chat