Just started dropping upd port 2002 to 2002 incoming and outgoing on our edge routers. Stopped a large DoS dead and sent it the null interface. We do block port 80, incoming, while allowing established connections since the Code Red days. However, clients who run web servers were unprotected and some got infected. Is there yet a scanner to ID infected/vulnerable hosts ? James Edwards jameshat_private nocat_private At the Santa Fe Office: Internet at Cyber Mesa Store hours: 9-6 Monday through Friday Phone support 365 days till 10 pm via the Santa Fe office: 505-988-9200 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Sep 16 2002 - 21:36:21 PDT