nanog mailing list archives

Re: Hard data on network impact of the "Code Red" worm?

From: "Wojtek Zlobicki" <wojtekz () idirect com>
Date: Mon, 30 Jul 2001 14:07:48 -0400


Um .....  brain in SirCam Mode :)  Oops!!



----- Original Message -----
From: "Larry Sheldon" <lsheldon () creighton edu>
To: <wojtekz () idirect com>
Cc: <lsheldon () creighton edu>
Sent: Monday, July 30, 2001 2:03 PM
Subject: Re: Hard data on network impact of the "Code Red" worm?

Also, is it possible that the critter got through firewalls and "did

harm",

but could not get back out again?  I don't know of any cases like

that.


Well this just makes it a good idea to proxy outbound SMTP, just set up

an

access list for only allowing outbound TCP port 25 from certain hosts
(verified mail servers).


Umm.....Code Red Worm is all HTTP--port 80, no?

I disremember any SMTP -- port 25 involvement.

--
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
.                                                                       .
- L. F. (Larry) Sheldon, Jr.                                            -
. Unix Systems and Network Administration                               .
- Creighton University Computer Center-Old Gym                          -
. 2500 California Plaza                                                 .
- Omaha, Nebraska, U.S.A.  68178       Two identifying characteristics  -
. lsheldon () creighton edu                  of System Administrators:     .
- 402 280-2254 (work)                Infallibility, and the ability to  -
. 402 681-4726 (cellular)               learn from their mistakes.      .
- 402 332-4622 (residence)                                              -
. http://www.creighton.edu/~lsheldon    Adapted from Stephen Pinker     .
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-

Current thread:

Hard data on network impact of the "Code Red" worm? Sean Donelan (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? Valdis . Kletnieks (Jul 30)
  - Re: Hard data on network impact of the "Code Red" worm? Larry Sheldon (Jul 30)
    - Re: Hard data on network impact of the "Code Red" worm? Steve Goldstein (Jul 30)
    - Re: Hard data on network impact of the "Code Red" worm? Valdis . Kletnieks (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? Randy Bush (Jul 30)
  - Re: Hard data on network impact of the "Code Red" worm? Wojtek Zlobicki (Jul 30)
  - Re: Hard data on network impact of the "Code Red" worm? Rafi Sadowsky (Jul 30)
- <Possible follow-ups>
- Re: Hard data on network impact of the "Code Red" worm? Sean Donelan (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? Sean Donelan (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? Wojtek Zlobicki (Jul 30)
  - Re: Hard data on network impact of the "Code Red" worm? Larry Sheldon (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? k claffy (Jul 30)
  - Re: Hard data on network impact of the "Code Red" worm? Mike Trest (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? Steven M. Bellovin (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? Sean Donelan (Jul 30)
  - Re: Hard data on network impact of the "Code Red" worm? Christian Kuhtz (Jul 30)
  - Re: Hard data on network impact of the "Code Red" worm? Larry Sheldon (Jul 30)
- Re: Hard data on network impact of the "Code Red" worm? Sean Donelan (Jul 30)
  - Re: Hard data on network impact of the "Code Red" worm? Christian Kuhtz (Jul 30)
  - Re: Hard data on network impact of the "Code Red" worm? Hank Nussbacher (Jul 30)

(Thread continues...)