IDS Activity

Jason Lewis jlewis at packetnexus.com
Fri Oct 12 12:16:24 UTC 2001 

I am aware of several school districts that have shut down due to NIMDA
outbreaks.  I only mention it, because that is a significant number of
hosts.  They shutdown yesterday....maybe NIMDA is making a return.

jas

-----Original Message-----
From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
Eric Germann
Sent: Friday, October 12, 2001 7:07 AM
To: chris at bblabs.com; nanog at merit.edu
Subject: RE: IDS Activity



The pattern looks like the usual Nimda/CodeRedI/CodeRedII stuff.  The
frequency of scans is upticking though.  Whether its planned or is a social
effect of possibly more machines on due to news, therefore more hosts for
the scanners, is unknown.  Just keeping an eye on things.

Eric


> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
> Christopher Wolff
> Sent: Friday, October 12, 2001 1:26 AM
> To: nanog at merit.edu
> Subject: Re: IDS Activity
>
>
>
> I haven't seen the IDS trips; however there has been an anomalous
> pattern of traffic on our border routers since 1400 MST.
>
> Please let me and the group know what you're seeing.
>
> ---------- Original Message ----------------------------------
> From: "Eric Germann" <ekgermann at cctec.com>
> Reply-To: <ekgermann at cctec.com>
> Date: Fri, 12 Oct 2001 01:03:43 -0400
>
> >Anyone seeing a ramp up in IDS trips?  We've seen an 8-10 fold
> increase in
> >the last two hours.
> >
> >
> >=================================================================
> =========
> >  Eric Germann                                        CCTec
> >  ekgermann at cctec.com                                 Van Wert OH 45801
> >  http://www.cctec.com                                Ph:  419 968 2640
> >                                                      Fax: 603 825 5893
> >
> >"It is so easy to miss pretty trivial solutions to problems deemed
> >complicated.  The goal of a scientist is to find an interesting problem,
> >and live off it for a while.  The goal of an engineer is to evade
> >interesting problems :)"  -- Vadim Antonov <avg at kotovnik.com> on NANOG
> >
> >
> >
> >
> >
>

More information about the NANOG mailing list