On Thu, 02 Aug 2001 13:46:32 CDT, baudendistat_private said: > Yea... We were watching this yesterday... It looks like the packets are > coming from WIN2K IPSec enabled web servers... It goes back to the 19th... > VPN??? WIN2K interaction with the worm? Incidental? Who knows???? Isn't there a configure tab in the TCP control panel that has a checkbox to force it to always try to negotiate IPSec first? Could it just be CodeRed running on a box that has this set? -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
This archive was generated by hypermail 2b30 : Fri Aug 03 2001 - 15:02:00 PDT