Stuart Staniford writes: >show a sudden dramatic increase in the probe rate earlier this morning >(US time). This could be consistent with a new version which is >spreading much more effectively (possibly because it seeds its random >number better). I'm trying to fit this data. The numbers look, loosely, like a bell curve to me. I'm not a statistician, but isn't this loosely what we'd expect to see? That as it compromises more machines it spreads itself asymptotically? And then, once it hits a certain threshold people take note and start shutting down the machines doing the attacking? -Larry --- E. Larry Lidz Phone: (773)702-2208 Sr. Network Security Officer Fax: (773)702-0559 Network Security Center, The University of Chicago PGP: http://security.uchicago.edu/centerinfo/pgpkeys.shtml ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jul 20 2001 - 09:51:30 PDT