Re: Hard data on network impact of the "Code Red" worm?
Also, is it possible that the critter got through firewalls and "did harm", but could not get back out again? I don't know of any cases like
Um ..... brain in SirCam Mode :) Oops!! ----- Original Message ----- From: "Larry Sheldon" <lsheldon@creighton.edu> To: <wojtekz@idirect.com> Cc: <lsheldon@creighton.edu> Sent: Monday, July 30, 2001 2:03 PM Subject: Re: Hard data on network impact of the "Code Red" worm? that.
Well this just makes it a good idea to proxy outbound SMTP, just set up
an
access list for only allowing outbound TCP port 25 from certain hosts (verified mail servers).
Umm.....Code Red Worm is all HTTP--port 80, no?
I disremember any SMTP -- port 25 involvement.
-- -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.- . . - L. F. (Larry) Sheldon, Jr. - . Unix Systems and Network Administration . - Creighton University Computer Center-Old Gym - . 2500 California Plaza . - Omaha, Nebraska, U.S.A. 68178 Two identifying characteristics - . lsheldon@creighton.edu of System Administrators: . - 402 280-2254 (work) Infallibility, and the ability to - . 402 681-4726 (cellular) learn from their mistakes. . - 402 332-4622 (residence) - . http://www.creighton.edu/~lsheldon Adapted from Stephen Pinker . -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
Um ..... brain in SirCam Mode :) Oops!!
Been like that a lot lately--I'm tired. But it does raise an issue with me--this started with Sean Donelan's request for comments comparing "Code Red Worm" effects with "Baltimore Tunnel Fire" effects. What occurred to me a few minutes ago was that in terms of effects on us out here at the edge, I am not sure I can distinguish "Code Red Worm" effects from "SirCam" effects. We might have burned more bandwidth shipping the latter around. And the cleanup damn-sure took more work. Once a dozen NT/W2K boxen where cleaned or certified, we thought we were pretty much through with CRW by Monday mid-day. I'm sure we are through with "SirCam" yet because students and faculty are just now starting back towards "active". -- -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.- . . - L. F. (Larry) Sheldon, Jr. - . Unix Systems and Network Administration . - Creighton University Computer Center-Old Gym - . 2500 California Plaza . - Omaha, Nebraska, U.S.A. 68178 Two identifying characteristics - . lsheldon@creighton.edu of System Administrators: . - 402 280-2254 (work) Infallibility, and the ability to - . 402 681-4726 (cellular) learn from their mistakes. . - 402 332-4622 (residence) - . http://www.creighton.edu/~lsheldon Adapted from Stephen Pinker . -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
participants (2)
-
Larry Sheldon
-
Wojtek Zlobicki