Security Incidents mailing list archives
RE: Nimda Infections
From: Dial Joe <Joe.Dial () at siemens com>
Date: Mon, 12 Nov 2001 19:46:13 -0500
Yes, My home connection is via @home and there seem to be lots of systems which still have Nimda, even code red on the (aparently somewhat local) net with me. I think/hope @home is blocking somewhere upstream. At work, we have the same provider, but a different group (FiberNet vs. @home) and there seems to be a fair amount of this type of traffic on that net as well. I had to put in web log management on the DNS server because Apache's error and access logs are full of that crap. Eventually, I'll probably have to remove the web server (it doesn't really need it), just to prevent a disk full DoS. I have been assuming that it was just me. Joe |-----Original Message----- |From: reilly () speakeasy net [mailto:reilly () speakeasy net] |Sent: Monday, November 12, 2001 6:28 PM |To: incidents () securityfocus com |Subject: Nimda Infections | | |It's amazing to me when I see the amount of systems still |infected with Nimda. In today's logs I see a huge amount of |systems in the ATT network that are still banging away. I |can't even give you the amount of systems that I'm seeing from |China. What is so difficult about patching your system |against the .hta, .htq vuln. I don't mean to go off on a rant |but am I the only one that feels this way? Is everyone else |seeing the same activity? ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Nimda Infections reilly (Nov 12)
- <Possible follow-ups>
- RE: Nimda Infections Dial Joe (Nov 13)
- RE: Nimda Infections Jim Harrison (SPG) (Nov 13)
- RE: Nimda Infections Reilly (Nov 13)
- RE: Nimda Infections Ryan Russell (Nov 13)
- RE: Nimda Infections Reilly (Nov 13)
- RE: Nimda Infections Reilly (Nov 13)
- RE: Nimda Infections Reilly (Nov 13)
- RE: Nimda Infections Jim Howard (Nov 13)
- RE: Nimda Infections w1re p4ir (Nov 13)
- RE: Nimda Infections Neil Dickey (Nov 13)
- Nimda Infections and code red resurgence Russell Fulton (Nov 13)