[42625] in North American Network Operators' Group
Re: Worm probes
daemon@ATHENA.MIT.EDU (sigma@pair.com)
Tue Sep 18 14:28:39 2001
Message-ID: <20010918173648.36769.qmail@smx.pair.com>
From: sigma@pair.com
In-Reply-To: <003501c14061$e55d8000$2223f8d8@compu.net> from Bill Larson at "Sep 18, 1 11:49:29 am"
To: nanog@merit.edu
Date: Tue, 18 Sep 2001 13:36:48 -0400 (EDT)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Along those lines, weren't there some projects last time around to find and
clean up the affected machines? Clearly there are LOTS of vulnerable NT
servers still out there. Presumably these are being responded to just like
Smurf amplifiers, and the problem is just that the admins are clueless or
unreachable?
So far the most prolific network probing us has belonged to 9NetAve, which
was bought by Concentric shortly before they became XO.
Kevin
> Hopefully the notification does some good.
>
