Code Red Attack

Discussion in 'other firewalls' started by zarzenz, Mar 23, 2004.

Thread Status:
Not open for further replies.
  1. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Over the last couple of weeks, my Sygate firewall has been detecting "Denial of Service" Code Red attacks.

    Today, I had about 20 of these in a few minutes.

    I never used to get many security warnings at all so I'm now wondering what these are and who they are from. Should I use the backtrace to find out more, or is it best not to use this (as I think I saw someone advise not to do so once) and simply forget it and be happy that the firewall is doing what it is there for.

    It seems to have started to happen about the same time I installed Yahoo Messenger. Is this a possible factor or is this just my mind playing tricks.

    Any info would be very helpful.
     
  2. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Here is some information:

    http://www.wilderssecurity.com/showthread.php?t=23789

    I personally wouldn't bother to pursue any further information behind the alerts you're receiving. Just ensure your firewall is properly secured. Regarding Yahoo Messenger, ensure your firewall has specific rules to appropriately rectrict Yahoo Messenger (and all your apps). Also ensure Yahoo Messenger is up-to-date.

    Check your setup against Shields Up or PC Flank and rest easy.
     
  3. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Thanks very much optigrab, I found the info in the link you provided very interesting indeed and shows that this is quite a normal alert and nothing to be over concerned about.

    I also then followed the link that was given to the moved hijack log that the thread mentioned, and was amazed at the number of Yahoo related things in there.

    This is a bit of a concern, and makes me wonder if indeed there is some kind of related factor with my own alerts and my now usage of this messenger program, which was at the specific request of a friend of mine to allow for an extra means of IM capability, but to be honest, if Yahoo can cause problems with systems then I'll just as well prefer to stick with MSN and uninstall Yahoo off my system.

    Wow... there are so many things to watch out for with security these days... I'm sure glad this forum exists to help out with all this and I thank you for your help in pointing me in the right direction.
     
  4. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    You are so right... the amount and complexity of threats amazes me too!

    Glad I could help.
     
Thread Status:
Not open for further replies.