[39771] in North American Network Operators' Group
RE: *.mil:80 disconnected in self-defense?
daemon@ATHENA.MIT.EDU (Roeland Meyer)
Mon Jul 23 17:03:07 2001
Message-ID: <EA9368A5B1010140ADBF534E4D32C728025A56@condor.mhsc.com>
From: Roeland Meyer <rmeyer@mhsc.com>
To: 'George William Herbert' <gherbert@retro.com>, nanog@merit.edu
Cc: gherbert@gw.retro.com
Date: Mon, 23 Jul 2001 14:05:15 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Errors-To: owner-nanog-outgoing@merit.edu
As soon as CERT released info on the IIS exploit, before Code Red, we yanked
all our IIS servers down. We are moving those vhosts back to
OpenLinux-Apache/FrontPage.
> -----Original Message-----
> From: George William Herbert [mailto:gherbert@retro.com]
> Sent: Monday, July 23, 2001 2:04 PM
> To: nanog@merit.edu
> Cc: gherbert@gw.retro.com
> Subject: *.mil:80 disconnected in self-defense?
>
>
>
>
> I have a report that .mil disconnected port 80 traffic
> from outside hosts, and possibly some other stuff,
> in response to DOS attacks last week.
>
> There was some discussion on the inetproviders list this
> morning on the topic, and then I asked someone inside
> who confirmed the cutoff and said there's a DISA alert
> and operational bulletin about it.
>
> It seems to be Just One of Those Months.
>
>
> -george william herbert
> gherbert@retro.com
>
