Re: floods through our proxy

From: mms (incidentsat_private)
Date: Wed Jul 30 2003 - 08:04:59 PDT

Next message: Christian Kieft: "Re: Exploit for Windows RPC may be in the wild!"

Previous message: Jon Zobrist: "new worm? or DDoS attack in progress"
In reply to: Jon Zobrist: "floods through our proxy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jon Zobrist <jzobristat_private> wrote on Tue, Jul 29, 2003 at 02:47:45PM -0600:
Ą We have an old software proxy that clients surfed through.
Ą It's discontinued and normally we have 50 clients or less still trying
Ą to use it. In the last hour it's climbed to over 3000 so I did some
Ą investigating.

This happens to us when the users install Gator or some other spyware.
A single Gator installation can make >4,000 requests per day. Check the
url being requested.


--
Matthew Southworth
B621 BA09 2169 953A 44F0  B0EB 12C2 656D 0DE0 CEEC

application/pgp-signature attachment: stored

Next message: Christian Kieft: "Re: Exploit for Windows RPC may be in the wild!"
Previous message: Jon Zobrist: "new worm? or DDoS attack in progress"
In reply to: Jon Zobrist: "floods through our proxy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jul 30 2003 - 08:07:43 PDT