Home page logo

nanog logo nanog mailing list archives

RE: Worm probes
From: Roeland Meyer <rmeyer () mhsc com>
Date: Tue, 18 Sep 2001 11:54:18 -0700

There has already been a massive application of the patches, according to
www.netcraft.com at http://www.netcraft.com/survey/#August, Code Red
vulnerability has dropped to less than 20%, since July. It continues to
drop. Your general characterization of cluelessness is a bit unfair. It is
puzzeling that root.exe vulnerability is the only indicator that continues
to rise, albeit slowly. Netcraft shows it to be >10% at the moment.

BTW, I'm still seeing massive scanning activity.

|> From: sigma () pair com [mailto:sigma () pair com]
|> Sent: Tuesday, September 18, 2001 10:37 AM
|> Along those lines, weren't there some projects last time 
|> around to find and
|> clean up the affected machines?  Clearly there are LOTS of 
|> vulnerable NT
|> servers still out there.  Presumably these are being 
|> responded to just like
|> Smurf amplifiers, and the problem is just that the admins 
|> are clueless or
|> unreachable?
|> So far the most prolific network probing us has belonged to 
|> 9NetAve, which
|> was bought by Concentric shortly before they became XO.

|> > Hopefully the notification does some good.
|> > 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]