From: Brock, Anthony - NET [mailto:Anthony.Brock () OREGONSTATE EDU]
Sent: Friday, January 19, 2007 9:18 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Connectivity problems with the US Army
Maybe they meant 29 IPs were probing. We saw around 35 of your IPs
either scanning port 2967 or actively attempting to exploit the
Symantec vulnerability against systems here.
Very possible. However, this still seems a bit extreme for
implementing a "permanent block" of this scale. Also, there
should be some method for notifying the affected site and
correcting the issue.