Hard data on network impact of the "Code Red" worm?
As several government agencies gear up today to get additional funding, what hard data about the impact of the code read worm on the Internet exists? CAIDA posted some data about the speed of infection. But I was looking at overall Internet performance during the time period. The worm tended to revisit the same systems over, and over again, so I would agree those people may have been severely affected. But 350,000 hosts isn't that big of a number any more. The Morris Internet Worm infected an estimated 10% of the internet hosts of the day. What do you think had more world-wide impact on the Internet? 1. The train accident in Baltimore 2. The "code red" worm
On Mon, 30 Jul 2001 04:16:12 PDT, Sean Donelan <sean@donelan.com> said:
I would agree those people may have been severely affected. But 350,000 hosts isn't that big of a number any more. The Morris Internet Worm
That's 350K hosts that got infected *that we know about*. I'd not be surprised if a lot of other hosts got infected during the 9 hours CRv2 was on its burn stage that didn't happen to ping any of the sensor boxes used to identify infected hosts. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
I would agree those people may have been severely affected. But 350,000 hosts isn't that big of a number any more. The Morris Internet Worm
That's 350K hosts that got infected *that we know about*. I'd not be surprised if a lot of other hosts got infected during the 9 hours CRv2 was on its burn stage that didn't happen to ping any of the sensor boxes used to identify infected hosts.
Do "we" have any information how many out here at the edges (besides the.mil folk) disconnected while the cleanup was going on? We dint, but small pockets that we supply did. Alos, is it possible that the critter got through firewalls and "did harm", but could not get back out again? I don't know of any cases like that. -- -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.- . . - L. F. (Larry) Sheldon, Jr. - . Unix Systems and Network Administration . - Creighton University Computer Center-Old Gym - . 2500 California Plaza . - Omaha, Nebraska, U.S.A. 68178 Two identifying characteristics - . lsheldon@creighton.edu of System Administrators: . - 402 280-2254 (work) Infallibility, and the ability to - . 402 681-4726 (cellular) learn from their mistakes. . - 402 332-4622 (residence) - . http://www.creighton.edu/~lsheldon Adapted from Stephen Pinker . -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
On Mon, 30 Jul 2001 12:22:18 CDT, Larry Sheldon <lsheldon@creighton.edu> said:
Alos, is it possible that the critter got through firewalls and "did harm", but could not get back out again? I don't know of any cases like that.
Of course you don't know of those cases - they didn't get back out. Of course, all it takes is one site that says "OK, Fred needs to surf the web for JUST A MOMENT" for it to escape again. And I'm sure there's more than one site out there that doesn't realize they've got a problem inside their firewall... -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
i think the interesting record here is that, for maybe the first time, the mass of an email virus is significantly greater than the mass of seemingly endless and repetitive discussion about it. so far ... randy
i think the interesting record here is that, for maybe the first time, the mass of an email virus is significantly greater than the mass of seemingly endless and repetitive discussion about it.
I wonder... how many people are on this list ? How much internet traffic does one message really generate? I just received an "URGENT" MS Security Advisory (I have never seen one labeled as URGENT in the past). There is apparenlty a new mutation that is to go out today :(
Randy, Aren't you mixing up "Code Red" with the Sircam Worm ? - Rafi On Mon, 30 Jul 2001, Randy Bush wrote:
i think the interesting record here is that, for maybe the first time, the mass of an email virus is significantly greater than the mass of seemingly endless and repetitive discussion about it.
so far ...
randy
participants (7)
-
Larry Sheldon -
Rafi Sadowsky -
Randy Bush -
Sean Donelan -
Steve Goldstein -
Valdis.Kletnieks@vt.edu -
Wojtek Zlobicki