Here is a breakdown of port 80 probes to a machine I keep on a live IP address with no protection. I have BlackIce keeping tabs on it. These numbers are for 09/18/01, and are in Pacific time. 00:00-01:59 6 01:00-01:59 6 02:00-02:59 3 03:00-03:59 0 04:00-04:59 3 05:00-05:59 0 06:00-06:59 26 07:00-07:59 86 08:00-08:59 27 09:00-09:59 25 10:00-10:59 36 11:00-11:59 44 12:00-12:59 97 13:00-13:59 19 14:00-14:59 76 15:00-15:59 144 16:00-16:59 96 17:00-17:59 2 18:00-18:59 29 19:00-19:59 12 20:00-20:59 64 21:00-21:59 1 22:00-22:59 76 23:00-23:59 109 -----Original Message----- From: Jason Giglio [mailto:jgiglioat_private] Sent: Tuesday, September 18, 2001 11:49 AM To: incidentsat_private Subject: Nimda Probes Stopped Apparently the probes have stopped as quickly as they began, here at least, around 2:30 Eastern time. internettrafficreport.com is showing some recovery also. Is this phase over now? Makes one wonder what's next... -- Jason Giglio Information Technology Coordinator, Smyth Companies, Bedford VA Phone: 540-586-2311x113 e-mail: jgiglioat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Sep 19 2001 - 11:20:25 PDT