I also might note this is a good reason to have a Software based firewall on the boxes even if they sit on an internal network. I know that's what protected my business computer when our servers got hit recently (hit 3 other workstations what were unpatched and unfirewalled). Logan Valdis.Kletnieksat_private wrote: >On Fri, 22 Aug 2003 21:50:53 -0000, Ryan McConky <rmcconkyat_private> said: > > >>In-Reply-To: <Law15-F50f3sllNY30k0001b928at_private> >> >>We are seeing the same thing on our routers. What is troubling me is that >>it is incrementing the dest ip by one each second. Like it is scanning. >>It is scanning internal and external networks. Most traced to Asian >>countries. Anyone else seeing this? >> >> > >Hmm.. you *just* noticed the Nachi worm ping-scanning your net, huh? ;) > >Wait a bit, you'll see it from all over. If you had any unpatched windows boxes >on your net, you'll be seeing it from inside your net too.. ;) > > --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue Aug 26 2003 - 13:47:28 PDT