http://www.theregister.co.uk/2010/01/29/strange_ssl_web_attack/
... Shadowserver has identified 315 websites that are the recipients of the SSL assault. In addition to cia.gov and paypal.com, other sites include yahoo.com, americanexpress.com, and sans.org. ... http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20100129 ... They do not actually request an resources from the website or do anything else other than repeat the cycle periodically. They are doing this to hundreds of sites all day long. We find it hard to believe this much activity would be used to make the bots blend in with normal traffic, but at the same time it doesn't quite look like a DDoS either. ... Somebody generating noise for cover, or just a botched ddos? _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
