nanog mailing list archives
Live attackers or blind worms? (was Re: Country of Origin for Malicious Attacks)
From: Bill Zeng <bill () hotunix com>
Date: Thu, 26 Jun 2003 23:03:58 -0400 (EDT)
Since the birth of CodeRed II and Nimda in Fall 2001, web/IDS logs have constantly been filled with steady influx of IIS-based attacks. I remember a site was set up for people to report IP's of attacking boxes infected with such worms. Having seen such log entries piling up fast and nonstop for the past 22 months, I often wondered that they could serve as a good cover for directed, covert attacks by real persons/groups. This posting might not be a qualified topic for this list - my apologies. Bill
Current thread:
- Country of Origin for Malicious Attacks sgorman1 (Jun 25)
- Re: Country of Origin for Malicious Attacks Sean Donelan (Jun 25)
- <Possible follow-ups>
- RE: Country of Origin for Malicious Attacks netadm (Jun 25)
- RE: Country of Origin for Malicious Attacks Scott Weeks (Jun 25)
- Re: Country of Origin for Malicious Attacks Adam Debus (Jun 25)
- Re: Country of Origin for Malicious Attacks Scott A. McIntyre (Jun 25)
- RE: Country of Origin for Malicious Attacks Scott Weeks (Jun 25)
- RE: Country of Origin for Malicious Attacks McBurnett, Jim (Jun 25)
- Re: Country of Origin for Malicious Attacks sgorman1 (Jun 25)
- Re: Country of Origin for Malicious Attacks Jamie Reid (Jun 26)
- Live attackers or blind worms? (was Re: Country of Origin for Malicious Attacks) Bill Zeng (Jun 26)
- Re: Country of Origin for Malicious Attacks Peter Galbavy (Jun 27)
- Re: Country of Origin for Malicious Attacks sgorman1 (Jun 27)
- Re: Country of Origin for Malicious Attacks sgorman1 (Jun 27)