3+ hours into "Code Red" (BST)

• Previous message (by thread): Cisco, Qwest, Cert, NIPC (was Re: Code Red -> Router Memory depletion? )
• Next message (by thread): Code Red & Abilene
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Oddly, right around 5pm(PST) I noticed less and less traffic(scans at my
firewall) looking for tcp port 80. At the height of today 50% of our traffic
on one of our T1s was various foreign addresses looking for open http
servers. This is much more then usual and at first thought to be a spoof
attack, but the nodes being scanned were too random. Don't know, but most of
the ips we logged turned out to be MS IIS none patched boxes. Wonder if
these hits on valid http servers are counted as hits and charged to the
advertisers? lol.
Oh well.

-Joe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20010719/7e695a08/attachment.html>

• Previous message (by thread): Cisco, Qwest, Cert, NIPC (was Re: Code Red -> Router Memory depletion? )
• Next message (by thread): Code Red & Abilene
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]