I've seen only a few probes here; interestingly, from exactly the same host you mention. On Thu, 14 Feb 2002, Jared Mauch wrote: : : I've been watching the acls on various routers on our (my employer) :network as well as on my home network. : : I've only seen one host attempt to send any sort :of snmp "goodies" to my network: : :Feb 14 05:57:55.239 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.252.53(161), 1 packet :Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.253.53(161), 1 packet :Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.254.53(161), 1 packet :Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.255.53(161), 1 packet : : Obviously I don't speak for the entire internet but :i'm not seeing anything that interesting to take note of (imho) :currently. : : - Jared : :On Thu, Feb 14, 2002 at 02:00:44AM -0500, Frank B. Scalzo wrote: :> :> :> Has anyone seen any discernable operational impact from CA-2002-03? Things :> like: increase in SNMP probes, increase in bgp churn due to outside networks :> being affected, customer complaints, increase in number of customer flaps, :> anyone willing to admit to being directly impacted, anyone willing to admit :> surviving an attempt, does anyone have any evidence of an actual exploit, :> any evidence that people wearing the wrong color hats are using this or :> trying to? :> :> Frank Scalzo : :