[67008] in North American Network Operators' Group
Re: Impending (mydoom) DOS attack
daemon@ATHENA.MIT.EDU (Donovan Hill)
Fri Jan 30 19:22:29 2004
From: Donovan Hill <lists@lazyeyez.net>
To: "bcm" <bcm@inkline.com>, <nanog@merit.edu>
Date: Fri, 30 Jan 2004 16:18:05 -0800
In-Reply-To: <001401c3e776$8c34bed0$4263bacc@corp.ptd.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Friday 30 January 2004 01:18 pm, bcm wrote:
> Is anyone taking any special precautions given the potential for a sudden
> increase in aggregate packets per second across your networks come Sunday
> afternoon when the original Mydoom virus enters into its DOS phase?
>
> Does anyone know if the virus' assault will be slowed if it is unable to
> reach www.sco.com? I am hoping that if it cannot reach SCO's site that the
> HTTP GET command will be slow in returning, effectively reducing the volume
> of traffic a single PC is capable of generating. I am having a difficult
> time artificially forcing the virus to start its attack in a lab
> environment, so I am unable to confirm this.
>
> Any input would be appreciated. Thanks!
I think we should help out SCO by creating new wildcard entries into our DNS
servers that point *.sco.com to 127.0.0.1 as well as blackholing all SCO
SWIPd IP Address Space.
<a****le mode>
We should also never remove the above.
</a****le mode>
--
Donovan Hill
Electronics Engineering Technologist, CCNA
www.lazyeyez.net, www.gwsn.com