[unisog] Increased Activity
edz at uic.edu
Tue Mar 23 17:09:33 GMT 2004
At 11:44 AM 3/22/2004, Lang, Michael wrote:
>This is my first post to unisog and I just subscribed, - I hope that this
>This morning I see a dramatic increase in hosts on our network that are
We're seeing the same thing.
Note that this is one infection causing this as the same IP is probing all
ports on the target machine before moving on. It's not separate worms as Jason
suggested (thanks for the response though...).
Any idea of what this is would be welcome here as well.
>The attacked IP is chosen pretty random with the first octet staying the
>same and the last three changing.
>Not only is there a dramatic increase of hosts on our network getting
>this, but I see a lot from the Internet pouring into our network.
>Anyone clue me into what this one is?
>University of Connecticut
More information about the unisog