RE: Nimda Infections

From: w1re p4ir (w1rep4irat_private)
Date: Tue Nov 13 2001 - 07:49:58 PST


    When Nimda was first launched I could've sworn it _was_ getting rid of all these horribly infectious hosts. Working with a few clients, it appears that whenever it tftp's out it creates a TFTPXXXX (where the X's are incremental), around 50k files... Now, with each machine making hundreds of connection attempts a minute, this fills up. Besides some machines having bigger hard drives than others, why aren't these too knocked off the internet? I remember watching the Code Red boxes I had logged (nearly 4000) just drop off the net one by one. It was quite amusing at first, but I'm still baffled as to why these other Nimda-infected machines aren't doing the same. Anyone know/care?
    w1re
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Tue Nov 13 2001 - 08:11:20 PST