Hello all,

After browsing my apache logs for a development box, I found SEVERAL Code
Red requests "GET default.ida?...".  I moved my port from 80 to 8081 so I
won't get flooded all the time.

Now how about this one... there are several log entries that start with:
	"GET /scripts/..%c1%9c../winnt/system32/cmd.exe... - 404"
followed by several hundred lines of binary looking garbage:
	";øv‰FÈ‹NÈ+Á‰E"

I read somewhere that the cmd.exe is part of Code Red's attack.  Does anyone
know what exactly is all the binary garbage I am getting in my log files?

Thanks,
Steve B.

PS I will be glad when code red is gone and we can talk about Linux on
Mainframes again :)