North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Code Red on dial-in ppp

  • From: Mitch Halmu
  • Date: Sat Jul 21 12:44:28 2001


On Sat, 21 Jul 2001, Jason A. Mills wrote:

> I'm not sure I see why a POTS PPP link, or some other slow(er) on demand
> link might stop CodeRed. The first-pass payload is under 4096 bytes
> including framing, not exactly something you need a lot of low-latency
> bandwidth to push through. :-/
> 
> -J

The problem I described is that the Windows machines in question are not 
necessarily dedicated web servers, but can be regular dial-in users. 
Normally, such users don't run a web server over dial-up, yet they seem
to be vulnerable if the attack occurs while they're connected. No relation 
to the connection bandwidth was implied.

--Mitch
NetSide