[39735] in North American Network Operators' Group
Re: Code Red on dial-in ppp
daemon@ATHENA.MIT.EDU (John Kristoff)
Sat Jul 21 14:30:23 2001
Date: Sat, 21 Jul 2001 13:29:48 -0500
From: John Kristoff <jtk@aharp.is-net.depaul.edu>
To: Chris Adams <cmadams@hiwaay.net>, nanog@merit.edu
Message-ID: <20010721132948.A3809@aharp.is-net.depaul.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010721130906.A15304@HiWAAY.net>; from cmadams@hiwaay.net on Sat, Jul 21, 2001 at 01:09:06PM -0500
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, Jul 21, 2001 at 01:09:06PM -0500, Chris Adams wrote:
> I don't think the issue is bandwidth. The issue is that the reports
> being sent out say such-and-such IP is infected without giving a time
> stamp (I got one of the reports as well). Without the time of the
> attack, the IP address is absolutely useless, as a hundred users may
> have had that IP in the last couple of days.
I have timestamps for the IPs I had on my list I posted a link to. If
you need them, contact me directly.
John
