The worm hit Cryptome at 8:43 AM EST and is now sucking at a rate of about 90% of the load. As others have noted, the bulk of the hits appear to be coming from our own ISP, either by design or by spoofing the origin. Our server is on Apache but the worm generates endless errors attempting to find holes in IIS. Pervasive DDoS attacks are reportedly underway at gov sites. We are not seeing an unusual number of that type.
- Code Red seems to be back. Bill Stewart
- Re: Code Red seems to be back. Adam Shostack
- Re: Code Red seems to be back. David Honig
- John Young