HI All, Has anyone else noticed that code red has bounced back very quickly this month after its sleep period. In past months snort has not seen CodeRed attacks until 9th or 10th, this month I started seeing them on the 2nd and by the 4th they had overtaken nimda and now they have overtaken lastmonths peak with 9 days to go. I also keep an eye on how many systems are probing us on port 80, this jumped from about 800 unique source addresses per hour on Nov 30 to nearly 3000 this morning. Any ideas what has changed? Russell Fulton, Computer and Network Security Officer The University of Auckland, New Zealand ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Dec 10 2001 - 08:30:25 PST