Security Incidents mailing list archives
Re: why the nimda upsurge again?
From: Dug Song <dugsong () monkey org>
Date: Mon, 3 Dec 2001 23:10:30 -0500
On Mon, Dec 03, 2001 at 01:27:27PM -0500, Jose Nazario wrote:
in the past week or two i have noticed a strong upsurge in nimda probes and requests, and i know i'm not alone in this. while the bulk of the requests are local (given the mechanism it uses for addressing), several are from outside our network. there is no similar rise appearant in code red v1 or v2.
are you sure it's Nimda you're looking at? we did see a slight surge in Nimda activity on our blackhole monitor, but much smaller than when Nimda.E was introduced at the end of October: http://www.monkey.org/~dugsong/wormplot.png -d. --- http://www.monkey.org/~dugsong/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- why the nimda upsurge again? Jose Nazario (Dec 03)
- Re: why the nimda upsurge again? Dug Song (Dec 04)
- Re: why the nimda upsurge again? Jose Nazario (Dec 04)
- RE: why the nimda upsurge again? James (Dec 04)
- Re: why the nimda upsurge again? Dug Song (Dec 04)