North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Exodus: this is bad
On Mon, 16 Nov 1998, Richard Irving wrote: > This appears to be a concerted effort. This type of attack > is propogating to new origin IP's by the hour. There seems to > be a pattern forming.... Has anyone considered that this might be a worm? The attacked hosts have all exhibited the same characteristics: stock Red Hat 5.1 install, running (probably) the stock named that came with it, which is a known vulnerable bind release. There are a -lot- of these boxen out there. Plus, the mechanical attacks on particular ports. This sounds fairly automated to me...but hey, what do I know? ;-) -- Edward S. Marshall <[email protected]> /> Who would have thought that we -o) http://www.logic.net/~emarshal/ // would be freed from the Gates of /\\ Linux Weenie, Open-Source Advocate </ hell by a penguin named "Tux"? _\_v
|