North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Worm probes

  • From: Roeland Meyer
  • Date: Tue Sep 18 15:38:58 2001

There has already been a massive application of the patches, according to
www.netcraft.com at http://www.netcraft.com/survey/#August, Code Red
vulnerability has dropped to less than 20%, since July. It continues to
drop. Your general characterization of cluelessness is a bit unfair. It is
puzzeling that root.exe vulnerability is the only indicator that continues
to rise, albeit slowly. Netcraft shows it to be >10% at the moment.

BTW, I'm still seeing massive scanning activity.

|> From: sigma@pair.com [mailto:sigma@pair.com]
|> Sent: Tuesday, September 18, 2001 10:37 AM
|> 
|> Along those lines, weren't there some projects last time 
|> around to find and
|> clean up the affected machines?  Clearly there are LOTS of 
|> vulnerable NT
|> servers still out there.  Presumably these are being 
|> responded to just like
|> Smurf amplifiers, and the problem is just that the admins 
|> are clueless or
|> unreachable?
|> 
|> So far the most prolific network probing us has belonged to 
|> 9NetAve, which
|> was bought by Concentric shortly before they became XO.

|> > Hopefully the notification does some good.
|> > 
|>