[40094] in North American Network Operators' Group
Re: Code Red growth stats
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Wed Aug 1 16:37:07 2001
From: "Steven M. Bellovin" <smb@research.att.com>
To: Petr Swedock <petr@ai.mit.edu>
Cc: kc@ipn.caida.org, nanog@nanog.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 01 Aug 2001 16:36:22 -0400
Message-Id: <20010801203622.C27D97B59@berkshire.research.att.com>
Errors-To: owner-nanog-outgoing@merit.edu
In message <200108012026.QAA29111@thelonius.ai.mit.edu>, Petr Swedock writes:
>
>
>There's no indication on how the stats are collected... Is it by IP
>addr reported? Does it take into account duplicates (re-infection
>rates?)
>
While they don't say, the "number of infected hosts" graph makes me
assume that they're counting unique IP addresses that tried to hit them.
As I said, my numbers are consistent with others posted here. And I've
gotten private mail about another, similar observation -- Code Red,
Round 2, appears to have peaked a few hours ago.
--Steve Bellovin, http://www.research.att.com/~smb
