RE: Nimda Infections

From: Dial Joe (Joe.Dial@at.siemens.com)
Date: 11/13/01

Previous message: Neil Dickey: "Re: sub-7"
Next in thread: Reilly: "RE: Nimda Infections"
Next in thread: Neil Dickey: "RE: Nimda Infections"
Reply: Neil Dickey: "RE: Nimda Infections"
Reply: Reilly: "RE: Nimda Infections"
Reply: Reilly: "RE: Nimda Infections"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-ID: <508DB795BA2CD31190FE00902726194D0236AFD8@npnb312a.npn.siemens.com>
From: Dial Joe <Joe.Dial@at.siemens.com>
To: "'reilly@speakeasy.net'" <reilly@speakeasy.net>, incidents@securityfocus.com
Subject: RE: Nimda Infections
Date: Mon, 12 Nov 2001 19:46:13 -0500

Yes,
My home connection is via @home and there seem to be lots of systems which
still have Nimda, even code red on the (aparently somewhat local) net with
me. I think/hope @home is blocking somewhere upstream. At work, we have
the same provider, but a different group (FiberNet vs. @home) and there
seems to be a fair amount of this type of traffic on that net as well. I
had to put in web log management on the DNS server because Apache's error
and access logs are full of that crap. Eventually, I'll probably have to
remove the web server (it doesn't really need it), just to prevent a disk
full DoS.

I have been assuming that it was just me.
Joe

|-----Original Message-----
|From: reilly@speakeasy.net [mailto:reilly@speakeasy.net]
|Sent: Monday, November 12, 2001 6:28 PM
|To: incidents@securityfocus.com
|Subject: Nimda Infections
|
|
|It's amazing to me when I see the amount of systems still
|infected with Nimda. In today's logs I see a huge amount of
|systems in the ATT network that are still banging away. I
|can't even give you the amount of systems that I'm seeing from
|China. What is so difficult about patching your system
|against the .hta, .htq vuln. I don't mean to go off on a rant
|but am I the only one that feels this way? Is everyone else
|seeing the same activity?

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

Previous message: Neil Dickey: "Re: sub-7"
Next in thread: Reilly: "RE: Nimda Infections"
Next in thread: Neil Dickey: "RE: Nimda Infections"
Reply: Neil Dickey: "RE: Nimda Infections"
Reply: Reilly: "RE: Nimda Infections"
Reply: Reilly: "RE: Nimda Infections"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Nimda Infections
... Subject: Nimda Infections ... It's really frustrating, and aggrivating, to watch the amount of hist ... > This list is provided by the SecurityFocus ARIS analyzer service. ...
(Incidents)
RE: Nimda Infections
... Subject: Nimda Infections ... I have tried to mail as many as I could, and I have submitted logs ... We used to pay for bandwidth on our network ... In today's logs I see a huge amount of systems in the ATT network ...
(Incidents)