[40093] in North American Network Operators' Group
Re: Code Red growth stats
daemon@ATHENA.MIT.EDU (Stephen J. Wilcox)
Wed Aug 1 16:32:10 2001
Date: Wed, 1 Aug 2001 21:28:49 +0100 (BST)
From: "Stephen J. Wilcox" <steve@opaltelecom.co.uk>
To: "Steven M. Bellovin" <smb@research.att.com>
Cc: k claffy <kc@ipn.caida.org>, nanog@nanog.org
In-Reply-To: <20010801201835.CB2037B59@berkshire.research.att.com>
Message-ID: <Pine.LNX.4.21.0108012124580.9320-100000@staff.opaltelecom.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 1 Aug 2001, Steven M. Bellovin wrote:
> I ran a little script on the totals reported by www.incidents.org,
> calculating the ratio between successive samples. (The latest graph I
> could find, as of 1615 EDT, ended at 1400 EDT.) There was a period of
> steady exponential growth in there, but it seems to be tailing off.
> That's consistent with another report posted here.
Does anyone have any theories as to why its tailing, are the thousands of
vulnerable machines being patched all of a sudden? If not then why is
traffic decreasing so fast when the worm just keeps searching?
Steve
