[61102] in North American Network Operators' Group
Re: Sobig.f surprise attack today
daemon@ATHENA.MIT.EDU (Jay Hennigan)
Fri Aug 22 15:42:27 2003
Date: Fri, 22 Aug 2003 12:40:35 -0700 (PDT)
From: Jay Hennigan <jay@west.net>
To: Andrew Kerr <andrew_kerr@iamnos.ca>
Cc: nanog@merit.edu
In-Reply-To: <3F466BD0.1000507@iamnos.ca>
Errors-To: owner-nanog-outgoing@merit.edu
On Fri, 22 Aug 2003, Andrew Kerr wrote:
> It's been posted here, and f-secure has it, but I wrote a quick script to
> keep an eye on the 20 servers and dump the output to a simple page:
>
> http://207.195.54.37/sobig.html
>
> (Updates about every 5 mins)
You're probing the list of NTP servers the worm uses to get the date, not
the list of hosts to which it "phones home".
--
Jay Hennigan - CCIE #7880 - Network Administration - jay@west.net
WestNet: Connecting you to the planet. 805 884-6323 WB6RDV
NetLojix Communications, Inc. - http://www.netlojix.com/