|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: worm information
Ravi, One of the responses to this thread mentioned a 3COM switch. One of the infected sites has a 3COM superstack 1100. I'm not a 3COM fan but these switches have been up for years, literally. All it takes to make this switch reboot is a flow from one infected host. I'm going to try to move the web interface port away from 80. Thank you. Regards, Christopher J. Wolff, VP CIO Broadband Laboratories, Inc. http://www.bblabs.com > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > ravi pina > Sent: Saturday, April 10, 2004 11:44 AM > To: Christopher J. Wolff > Cc: [email protected]; 'Darrell Greenwood'; 'nanog list' > Subject: Re: worm information > > > hmm, honestly i can't vouch for the data rate personally. > a co-worker said the counters on the VPN connections were > grossly disproportionate for a short time sample. > > bottom line, it is indeed annoying. i know my server > and desktop groups have been having a hell of a time > disinfecting hosts. i know part of this was that > symantec, at the time, said it may be a polymorphic > strain. > > -r
|