[67003] in North American Network Operators' Group
Impending (mydoom) DOS attack
daemon@ATHENA.MIT.EDU (bcm)
Fri Jan 30 18:08:30 2004
From: "bcm" <bcm@inkline.com>
To: <nanog@merit.edu>
Date: Fri, 30 Jan 2004 16:18:03 -0500
Errors-To: owner-nanog-outgoing@merit.edu
This is a multi-part message in MIME format.
------=_NextPart_000_0011_01C3E74C.A333D640
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Is anyone taking any special precautions given the potential for a =
sudden increase in aggregate packets per second across your networks =
come Sunday afternoon when the original Mydoom virus enters into its DOS =
phase?
Does anyone know if the virus' assault will be slowed if it is unable to =
reach www.sco.com? I am hoping that if it cannot reach SCO's site that =
the HTTP GET command will be slow in returning, effectively reducing the =
volume of traffic a single PC is capable is generating. I am having a =
difficult time artificially forcing the virus to start its attack in a =
lab environment, so I am unable to confirm this.
Any input would be appreciated. Thanks!
------=_NextPart_000_0011_01C3E74C.A333D640
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1276" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Is anyone taking any special =
precautions given the=20
potential for a sudden increase in aggregate packets per second across =
your=20
networks come Sunday afternoon when the original Mydoom virus enters =
into=20
its DOS phase?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Does anyone know if the virus' assault =
will be=20
slowed if it is unable to reach <A=20
href=3D"http://www.sco.com">www.sco.com</A>? I am hoping that if =
it cannot=20
reach SCO's site that the HTTP GET command will be slow in returning,=20
effectively reducing the volume of traffic a single PC is capable is=20
generating. I am having a difficult time artificially forcing the =
virus to=20
start its attack in a lab environment, so I am unable to confirm=20
this.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Any input would be appreciated. =20
Thanks!</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV></BODY></HTML>
------=_NextPart_000_0011_01C3E74C.A333D640--
