Security Incidents mailing list archives

Re: slaper trafic

From: Denis Dimick <denis () dimick net>
Date: Tue, 17 Sep 2002 06:58:20 -0700 (PDT)


You can get one from f-secure.com

-Denis

On Mon, 16 Sep 2002, james wrote:

Just started dropping upd port 2002 to 2002 incoming and outgoing on our
edge routers. Stopped a large DoS dead and sent it the null interface. We do
block port 80, incoming, while allowing established connections since the
Code Red days. However, clients who run web servers were unprotected and
some got infected. Is there yet a scanner to ID infected/vulnerable hosts ?

James Edwards
jamesh () cybermesa com
noc () cybermesa com
At the Santa Fe Office: Internet at Cyber Mesa
Store hours: 9-6 Monday through Friday
Phone support 365 days till 10 pm via the Santa Fe office:
505-988-9200




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Re: slaper trafic james (Sep 16)
- Re: slaper trafic Jose Nazario (Sep 17)
- Re: slaper trafic Denis Dimick (Sep 17)
- Re: slaper trafic Jeff (Sep 17)
- Re: slaper trafic Michael Katz (Sep 18)