I've been watching the acls on various routers on our (my employer) network as well as on my home network. I've only seen one host attempt to send any sort of snmp "goodies" to my network: Feb 14 05:57:55.239 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.252.53(161), 1 packet Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.253.53(161), 1 packet Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.254.53(161), 1 packet Feb 14 06:03:51.550 EST: %SEC-6-IPACCESSLOGP: list 2699 denied udp 193.64.58.53(2101) -> 204.42.255.53(161), 1 packet Obviously I don't speak for the entire internet but i'm not seeing anything that interesting to take note of (imho) currently. - Jared On Thu, Feb 14, 2002 at 02:00:44AM -0500, Frank B. Scalzo wrote:
Has anyone seen any discernable operational impact from CA-2002-03? Things like: increase in SNMP probes, increase in bgp churn due to outside networks being affected, customer complaints, increase in number of customer flaps, anyone willing to admit to being directly impacted, anyone willing to admit surviving an attempt, does anyone have any evidence of an actual exploit, any evidence that people wearing the wrong color hats are using this or trying to?
Frank Scalzo
-- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.