CodeRed Activity

[dave.goldsmith () intelsat com]

Included is updated information on probable CodeRed activity seen at my
site.  The traffic seems to be increasing by about 75% each hour. I will be
filling in the table breaking down the probing systems later today.

Dave Goldsmith

        Hour    || Total   Unique  || Private IIS    Other Web  Non-Web No
Date    (EST)   || Probes  Sources || Address Server Server     Server
Response
============++=================++===========================================
=====
0731    2000  || 92             17       || 3           8        1
3               2
0731    2100    || 74           20       || 3           13       0
2               2
0731    2200    || 154  45       || 1           25       0              8
11
0731    2300    || 239  73       || 
0801    0000    || 345  97       || 
0801    0100    || 693  183      ||
0801    0200    || 1139 324      ||
0801    0300    || 2463 644      ||
0801    0400    || 4271 1112     ||
0801    0500    || 7327 1950     ||
0801    0600    || 13085        3414     ||

############################################################
This email message is for the sole use of the intended
recipient(s)and may contain confidential and privileged
information.  Any unauthorized review, use, disclosure or 
distribution is prohibited.  If you are not the intended 
recipient, please contact the sender by reply email and 
destroy all copies of the original message.  Any views 
expressed in this message are those of the individual 
sender, except where the sender specifically states them 
to be the views of Intelsat, Ltd. and its subsidiaries.
############################################################

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com