Worm on 1434 (was Re: Level3 routing issues?)

• Previous message (by thread): Level3 routing issues?
• Next message (by thread): Level3 routing issues?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Same here, I thought at first it was some really strange effect of my ATM 
switch upgrade as the traffic started almost at the exact same time.  I am 
seeing a 100% increase in traffic right now and a chunk of my colo 
customer's machines are infected.

         ---Mike

At 01:19 AM 1/25/2003 -0500, Aaron Burnett wrote:


>On Sat, 25 Jan 2003, Alex Rubenstein wrote:
>
> >
> >
> > I dunno about that. But, I am seeing, in the last couple hours, all kinds
> > of new traffic.
> >
> > like, customers who never get attacked or anything, all of a sudden:
> >
> > 
> http://mrtg.nac.net/switch9.oct.nac.net/3865/switch9.oct.nac.net-3865.html
> >
> >
> > We are seeing this on ports all across out network -- nearly 1/2 our ports
> > are in delta alarm right now.
> >
> > Anyone else?
> >
>
>Yep. Since about 12:30 am. Getting pounded on UDP port 1434 from all over
>the world to any address on my network.

--------------------------------------------------------------------
Mike Tancsa,                          	          tel +1 519 651 3400
Sentex Communications,     			  mike at sentex.net
Providing Internet since 1994                    www.sentex.net
Cambridge, Ontario Canada			  www.sentex.net/mike

• Previous message (by thread): Level3 routing issues?
• Next message (by thread): Level3 routing issues?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]