[40235] in North American Network Operators' Group
Re: Code Red Hammering Away
daemon@ATHENA.MIT.EDU (Etaoin Shrdlu)
Sat Aug 4 16:15:17 2001
Message-ID: <3B6C55B9.D823A70C@deaddrop.org>
Date: Sat, 04 Aug 2001 13:06:17 -0700
From: Etaoin Shrdlu <shrdlu@deaddrop.org>
MIME-Version: 1.0
To: Nanog <nanog@merit.edu>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Yes, it's true, I fixed the attribution. Young whippersnappers!
michael@aplatform.com wrote:
>
> On Sat, 4 Aug 2001, Lou Katz wrote:
> > My little Class C seems to be getting 3-6 attempts per second to
> > connect to Port 80 on various IPs at the present time. Is this
> > about average?
> Its more than what I am getting. Never the less since this started again
> im seeing alot more attempts than in July.
I see about 300% more attempts than in July, but close to one-third of
those do not appear to be code red. They seem to be what I would have
suspected. People trying to mask attempts under the noise of code red.
Nonetheless, it is getting annoying enough that I am close to moving all
the windoze machines off to a private switched network until this is over.
No, I'm not afraid of them being compromised, but some of them do seem to
be getting hit harder than the rest of my computers. What I don't
understand is why my openbsd laptop attracts so much attention.
Uname -a shows OpenBSD scorpion 2.6 GENERIC#696 i386, hardly an attractive
target for code red in my book. No, it's not running a web server. The only
service it actually offers is sshd.
At first it was interesting, then annoying, now it's just boring. Most of
the non-code red attempts I see are from apnic, for what that's worth.
--
You've confused equality of opportunity for equality of outcomes,
and have seriously confused justice with equality.
-- Woodchuck
