RE: [MLUG - DISCUSSION] Code Red

Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <EMAIL:PROTECTED>
Subject: RE: [MLUG - DISCUSSION] Code Red
From: "Deterding, Brent D" <EMAIL:PROTECTED>
Date: Wed, 1 Aug 2001 22:02:48 -0500
Reply-To: EMAIL:PROTECTED
Sender: EMAIL:PROTECTED
Thread-Index: AcEa/vE251hZnDCBScy+4pnfUOftbgAAEFgA
Thread-Topic: [MLUG - DISCUSSION] Code Red

Nah, 
	45% as many hosts to infect and an infection rate of .75/hr
rather than 1.75/hr from last time. For once I don't trust incidents.org
- their stats are wrong. Too many ppl log SYN to TCP/80 as codered and
that's just bs. The real number is somewhere around 37,000 today. Read
the securityfocus incidents archive if you really want the info. One guy
did a really cool mathematical analysis of the worm and how it spreads
that many list ppl might like. . . 

-- Brent

I saw about 50 attempts today on my cable modem

-----Original Message-----
From: Michael Procter [mailto:EMAIL:PROTECTED]
Sent: Wednesday, August 01, 2001 7:55 PM
To: EMAIL:PROTECTED
Subject: [MLUG - DISCUSSION] Code Red


It's back bigger than ever for this sample of one:

[EMAIL:PROTECTED httpd]# grep -c "default.ida?NNNNN" acc*
access_log:17
access_log.1:0
access_log.2:12
access_log.3:0
access_log.4:0

-- 
Michael Procter
EMAIL:PROTECTED
--
To manage your subscription, go to
http://mlug.missouri.edu/members/edit.php

Archives are available at http://mlug.missouri.edu/list-archives/
--
To manage your subscription, go to http://mlug.missouri.edu/members/edit.php

Archives are available at http://mlug.missouri.edu/list-archives/

Prev by Date: RE: [MLUG - DISCUSSION] Microsoft: Evil Empire or Suitable Softw are?
Next by Date: RE: [MLUG - DISCUSSION] Microsoft: Evil Empire or Suitable Softw are?
Previous by thread: Re: [MLUG - DISCUSSION] Code Red
Next by thread: [MLUG - DISCUSSION] What is this
Index(es):
- Date
- Thread