Re: slaper trafic

From: james (jameshat_private)
Date: Mon Sep 16 2002 - 14:49:04 PDT

Next message: KF: "Re: Linux Slapper Worm code"

Previous message: Arjen De Landgraaf: "RE: [Full-Disclosure] openssl exploit code"
Next in thread: Denis Dimick: "Re: slaper trafic"
Reply: Denis Dimick: "Re: slaper trafic"
Reply: Jeff: "Re: slaper trafic"
Reply: Jose Nazario: "Re: slaper trafic"
Reply: Michael Katz: "Re: slaper trafic"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Just started dropping upd port 2002 to 2002 incoming and outgoing on our
edge routers. Stopped a large DoS dead and sent it the null interface. We do
block port 80, incoming, while allowing established connections since the
Code Red days. However, clients who run web servers were unprotected and
some got infected. Is there yet a scanner to ID infected/vulnerable hosts ?

James Edwards
jameshat_private
nocat_private
At the Santa Fe Office: Internet at Cyber Mesa
Store hours: 9-6 Monday through Friday
Phone support 365 days till 10 pm via the Santa Fe office:
505-988-9200




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: KF: "Re: Linux Slapper Worm code"
Previous message: Arjen De Landgraaf: "RE: [Full-Disclosure] openssl exploit code"
Next in thread: Denis Dimick: "Re: slaper trafic"
Reply: Denis Dimick: "Re: slaper trafic"
Reply: Jeff: "Re: slaper trafic"
Reply: Jose Nazario: "Re: slaper trafic"
Reply: Michael Katz: "Re: slaper trafic"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Sep 16 2002 - 21:36:21 PDT