[43456] in North American Network Operators' Group
RE: IDS Activity
daemon@ATHENA.MIT.EDU (Jason Lewis)
Fri Oct 12 08:14:41 2001
Reply-To: <jlewis@packetnexus.com>
From: "Jason Lewis" <jlewis@packetnexus.com>
To: <ekgermann@cctec.com>, <chris@bblabs.com>, <nanog@merit.edu>
Date: Fri, 12 Oct 2001 08:16:24 -0400
Message-ID: <000d01c15317$b66fad90$4d78a8c0@spinalcord>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
In-Reply-To: <NDBBJJPLIGJGLBKILFIHGEGFEDAA.ekgermann@cctec.com>
Errors-To: owner-nanog-outgoing@merit.edu
I am aware of several school districts that have shut down due to NIMDA
outbreaks. I only mention it, because that is a significant number of
hosts. They shutdown yesterday....maybe NIMDA is making a return.
jas
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
Eric Germann
Sent: Friday, October 12, 2001 7:07 AM
To: chris@bblabs.com; nanog@merit.edu
Subject: RE: IDS Activity
The pattern looks like the usual Nimda/CodeRedI/CodeRedII stuff. The
frequency of scans is upticking though. Whether its planned or is a social
effect of possibly more machines on due to news, therefore more hosts for
the scanners, is unknown. Just keeping an eye on things.
Eric
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
> Christopher Wolff
> Sent: Friday, October 12, 2001 1:26 AM
> To: nanog@merit.edu
> Subject: Re: IDS Activity
>
>
>
> I haven't seen the IDS trips; however there has been an anomalous
> pattern of traffic on our border routers since 1400 MST.
>
> Please let me and the group know what you're seeing.
>
> ---------- Original Message ----------------------------------
> From: "Eric Germann" <ekgermann@cctec.com>
> Reply-To: <ekgermann@cctec.com>
> Date: Fri, 12 Oct 2001 01:03:43 -0400
>
> >Anyone seeing a ramp up in IDS trips? We've seen an 8-10 fold
> increase in
> >the last two hours.
> >
> >
> >=================================================================
> =========
> > Eric Germann CCTec
> > ekgermann@cctec.com Van Wert OH 45801
> > http://www.cctec.com Ph: 419 968 2640
> > Fax: 603 825 5893
> >
> >"It is so easy to miss pretty trivial solutions to problems deemed
> >complicated. The goal of a scientist is to find an interesting problem,
> >and live off it for a while. The goal of an engineer is to evade
> >interesting problems :)" -- Vadim Antonov <avg@kotovnik.com> on NANOG
> >
> >
> >
> >
> >
>
