Return-Path: <sentto-279987-1441-995620927-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 20 Jul 2001 02:23:07 -0700 (PDT) Received: (qmail 7431 invoked by uid 510); 20 Jul 2001 08:24:51 -0000 Received: from n2.groups.yahoo.com (216.115.96.52) by 204.181.12.215 with SMTP; 20 Jul 2001 08:24:51 -0000 X-eGroups-Return: sentto-279987-1441-995620927-fc=all.net@returns.onelist.com Received: from [10.1.4.54] by hi.egroups.com with NNFMP; 20 Jul 2001 09:22:07 -0000 X-Sender: gar@askgar.com X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-7_2_0); 20 Jul 2001 09:22:06 -0000 Received: (qmail 61575 invoked from network); 20 Jul 2001 09:22:06 -0000 Received: from unknown (10.1.10.26) by l8.egroups.com with QMQP; 20 Jul 2001 09:22:06 -0000 Received: from unknown (HELO hall.mail.mindspring.net) (207.69.200.60) by mta1 with SMTP; 20 Jul 2001 09:22:05 -0000 Received: from askgar.com (user-2injr3g.dialup.mindspring.com [165.121.236.112]) by hall.mail.mindspring.net (8.9.3/8.8.5) with ESMTP id FAA15229 for <iwar@yahoogroups.com>; Fri, 20 Jul 2001 05:22:04 -0400 (EDT) Message-ID: <3B581439.7BEA6638@askgar.com> X-Mailer: Mozilla 4.73 [en] (Win98; U) X-Accept-Language: en To: iwar@yahoogroups.com References: <20010719223034.35572.qmail@web14505.mail.yahoo.com> From: Gary Warner <gar@askgar.com> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 20 Jul 2001 04:21:30 -0700 Reply-To: iwar@yahoogroups.com Subject: [iwar] Code Red worm Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit My recent paper "Privacy vs. Protection" discussed the fact that hundreds of thousands of insecure computers are lying around the Internet waiting to be used as agents of attack. Well, friends, it has happened in a big way. Code Red. We are seeing tens of thousands of Code Red attacks on large networks. Even networks as small as 6 nodes are detecting hundreds of attacks. Every network on which we are running detection is seeing at least 10 attacks per IP. Not bad for a worm that attacks by using a random number generator to pick its targets. As the night has progressed the attacks on our networks have seemed to ease off. We'll see what the morning brings, but I am quite honestly expecting to see the number reach a half million infected servers. For some observations we made, see: http://www.harshtruth.com/warnings.html ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:37 PDT