You are not alone. Daily, I see about 300 attempts or more on our class C
spaces. I have tried to mail as many as I could, and I have submitted logs
to the people that said they were going to contact everyone. Still we see
it. At this point, I am really wondering what it will take to erradicate it
from the net. On a happier note, I have also been talking to ISPs, who have
said if infections don't get fixed, they will shut off network access to
those hosts/networks. This, at least is a good sign, that there is
something that can be done yet. We used to pay for bandwidth on our network
connection. I feel for anyone that is still doing it that way in the light
of such virii. I too, believe there is no such thing as a good virus, but
it would certainly be nice to have these uncared-for systems to just go
away.

-----Original Message-----
From: reillyspeakeasy.net [mailto:reillyspeakeasy.net]
Sent: Monday, November 12, 2001 5:28 PM
To: incidentssecurityfocus.com
Subject: Nimda Infections

It's amazing to me when I see the amount of systems still infected with
Nimda. In today's logs I see a huge amount of systems in the ATT network
that are still banging away. I can't even give you the amount of systems
that I'm seeing from China. What is so difficult about patching your system
against the .hta, .htq vuln. I don't mean to go off on a rant but am I the
only one that feels this way? Is everyone else seeing the same activity?

[.. list deleted ..]

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]