My little box on Covad/XO DSL had only 25 Code Red hits last month. This month so far I have seen 663 hits. I may have to create counter measures to attack all the bastards that don't maintain their servers ;) Tom Veldhouse veldy at veldy.net ----- Original Message ----- From: "Austad, Jay" <austad at marketwatch.com> To: <tclug-list at mn-linux.org> Sent: Thursday, August 09, 2001 1:05 AM Subject: RE: [TCLUG] AT&T/Mediaone does it again? > Yeah, CR2 is definitely growing. Over 3 days we had around 17,000 CR2 hits, > just in our Minneapolis data center. If I get some time tomorrow, I'll run > a query and graph the attempts over the last few days to see how it's > growing. > > Jay > > -----Original Message----- > From: Bob Tanner [mailto:tanner at real-time.com] > Sent: Wednesday, August 08, 2001 11:46 PM > To: tclug-list at mn-linux.org > Subject: Re: [TCLUG] AT&T/Mediaone does it again? > > Quoting Steve Siegfried (sos at zjod.net): > > Folks, > > > > I was wondering why my WWW hit monitors suddenly went to zero. Then I > > checked and found out why: No hits. When I logged into my backup ISP and > > tried "lynx http://zjod.net", I got, "Unable to contact remote host." I > also > > checked ftp, ssh, and telnet, which all worked. Only http access wasn't > > going through. > > I do agree with the measures they took. At 7pm CST today, Real Time had to > do > the same thing, because of the load it was putting on the routers. The > packet > storm was effecting all services at Real Time. > > I do -not- agree with how they went about it. They should have given you a > heads > up on what they are doing. I posted to all Real Time clients saying we > needed to > take this drastic measure to insure quality of service for everyone. Kind of > the > few must suffer for the many. > > So, I disabled port 80 to all client networks. I then logged (and I'm still > logging) all the deny attempts. > > We are getting over 500 CR2 hits every 600 seconds on just 1 network alone. > I am > now going through the data and punching holes into it to allow traffic to > linux/apache servers. > > > -- > Bob Tanner <tanner at real-time.com> | Phone : (952)943-8700 > http://www.mn-linux.org | Fax : (952)943-8500 > Key fingerprint = 6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9 > > _______________________________________________ > tclug-list mailing list > tclug-list at mn-linux.org > https://mailman.mn-linux.org/mailman/listinfo/tclug-list > _______________________________________________ > tclug-list mailing list > tclug-list at mn-linux.org > https://mailman.mn-linux.org/mailman/listinfo/tclug-list >