Hard data on network impact of the "Code Red" worm?

• Previous message (by thread): Hard data on network impact of the "Code Red" worm?
• Next message (by thread): telnet vs ssh on Core equipment , looking for reasons why ?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> From: Hank Nussbacher [mailto:hank at att.net.il]
> Sent: Monday, July 30, 2001 11:41 PM

> bandwidth - typically FastEthernet.  So targetting IIS 
> servers is a sure 
> way of maximizing your zombie power (the only more powerful 
> worm would be 
> an Apache zombie which has about 18M potential clients or a 
> bind worm-zombie).

Cut it out! You're making my blood run cold. Four years ago, I had three
systems cracked by mwsh. The entry was via BIND. They were a Linux boxen and
the exploit downloaded mwsh source code and compiled it. It could, just as
easily, do that with CodeRed sources. Fortunatelyy, most BIND installations
have been upgraded since then. But, I'll bet that there are a few that
haven't been. Is Raul Dhesi listening?

<shudder>

• Previous message (by thread): Hard data on network impact of the "Code Red" worm?
• Next message (by thread): telnet vs ssh on Core equipment , looking for reasons why ?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]