nanog mailing list archives

RE: Hard data on network impact of the "Code Red" worm?


From: Roeland Meyer <rmeyer () mhsc com>
Date: Tue, 31 Jul 2001 00:30:43 -0700


From: Hank Nussbacher [mailto:hank () att net il]
Sent: Monday, July 30, 2001 11:41 PM

bandwidth - typically FastEthernet.  So targeting IIS servers is a sure
way of maximizing your zombie power (the only more powerful worm would be
an Apache zombie which has about 18M potential clients or a
bind worm-zombie).

Cut it out! You're making my blood run cold. Four years ago, I had three
systems cracked by mwsh. The entry was via BIND. They were Linux boxen and
the exploit downloaded mwsh source code and compiled it. It could, just as
easily, do that with CodeRed sources. Fortunately, most BIND installations
have been upgraded since then. But, I'll bet that there are a few that
haven't been. Is Raul Dhesi listening?

<shudder>

