I heard there were a few reports of Nimda going completely quiet in certain netblocks, but none were substantiated. I haven't seen a single Nimda IIS exploit attempt since a little before 10 AM (EST). I checked my IDS, apache logs, IIS logs -- nothing. Seems like it went silent. Still seeing CodeRed though. Can any one correlate? I am somewhere in the 12.27 netblock :) -Gary- Gary Portnoy Network Administrator gportnoyat_private PGP Fingerprint: 9D69 6A39 642D 78FD 207C 307D B37D E01A 2E89 9D2C ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Sep 21 2001 - 09:51:15 PDT