IDS Activity
Eric Germann
ekgermann at cctec.com
Fri Oct 12 11:07:27 UTC 2001
The pattern looks like the usual Nimda/CodeRedI/CodeRedII stuff. The
frequency of scans is upticking though. Whether its planned or is a social
effect of possibly more machines on due to news, therefore more hosts for
the scanners, is unknown. Just keeping an eye on things.
Eric
> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
> Christopher Wolff
> Sent: Friday, October 12, 2001 1:26 AM
> To: nanog at merit.edu
> Subject: Re: IDS Activity
>
>
>
> I haven't seen the IDS trips; however there has been an anomalous
> pattern of traffic on our border routers since 1400 MST.
>
> Please let me and the group know what you're seeing.
>
> ---------- Original Message ----------------------------------
> From: "Eric Germann" <ekgermann at cctec.com>
> Reply-To: <ekgermann at cctec.com>
> Date: Fri, 12 Oct 2001 01:03:43 -0400
>
> >Anyone seeing a ramp up in IDS trips? We've seen an 8-10 fold
> increase in
> >the last two hours.
> >
> >
> >=================================================================
> =========
> > Eric Germann CCTec
> > ekgermann at cctec.com Van Wert OH 45801
> > http://www.cctec.com Ph: 419 968 2640
> > Fax: 603 825 5893
> >
> >"It is so easy to miss pretty trivial solutions to problems deemed
> >complicated. The goal of a scientist is to find an interesting problem,
> >and live off it for a while. The goal of an engineer is to evade
> >interesting problems :)" -- Vadim Antonov <avg at kotovnik.com> on NANOG
> >
> >
> >
> >
> >
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Eric Germann.vcf
Type: text/x-vcard
Size: 419 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20011012/8485d781/attachment.vcf>
More information about the NANOG
mailing list