Worm probes
Roeland Meyer
rmeyer at mhsc.com
Tue Sep 18 18:54:18 UTC 2001
There has already been a massive application of the patches, according to
www.netcraft.com at http://www.netcraft.com/survey/#August, Code Red
vulnerability has dropped to less than 20%, since July. It continues to
drop. Your general characterization of cluelessness is a bit unfair. It is
puzzeling that root.exe vulnerability is the only indicator that continues
to rise, albeit slowly. Netcraft shows it to be >10% at the moment.
BTW, I'm still seeing massive scanning activity.
|> From: sigma at pair.com [mailto:sigma at pair.com]
|> Sent: Tuesday, September 18, 2001 10:37 AM
|>
|> Along those lines, weren't there some projects last time
|> around to find and
|> clean up the affected machines? Clearly there are LOTS of
|> vulnerable NT
|> servers still out there. Presumably these are being
|> responded to just like
|> Smurf amplifiers, and the problem is just that the admins
|> are clueless or
|> unreachable?
|>
|> So far the most prolific network probing us has belonged to
|> 9NetAve, which
|> was bought by Concentric shortly before they became XO.
|> > Hopefully the notification does some good.
|> >
|>
More information about the NANOG
mailing list