[21846] in bugtraq
CAIDA analysis of code.red spread
daemon@ATHENA.MIT.EDU (Tom Perrine)
Wed Jul 25 14:35:43 2001
Date: Wed, 25 Jul 2001 10:55:12 -0700
Message-Id: <200107251755.f6PHtCQ06330@lart.sdsc.edu>
From: Tom Perrine <tep@SDSC.EDU>
To: BUGTRAQ@securityfocus.com, NTBugtraq@listserv.ntbugtraq.com
The CAIDA folks have posted an extensive analysis of the spread of the
code.red worm. These are the same folks that brought you the
"backscatter" analysis of world-wide DOS attacks.
The infection rate was astounding, they have IP addresses for 375,000
infected hosts, which is a *lower* bound on the infection.
There are graphs that show the change in infection rate when CRv2 was
released, as well some amazing animations.
At one point the infection rate was at least 2000 hosts per minute.
http://www.caida.org/analysis/security/code-red/
You would do well to pull the animations from the mirror sites, or
grab the smaller formats, as opposed to the 13M Quicktime :-)
--
Tom E. Perrine (tep@SDSC.EDU) | San Diego Supercomputer Center
http://www.sdsc.edu/~tep/ | Voice: +1.858.534.5000
