Ping flooding


Thelemac
08-05-01, 01:34 AM
What's the point? I've been getting flooded for about an hour now, and I only noticed cause I was getting activity that wasn't going through to my LAN...

No slowdowns at all. Weird.

dugans
08-06-01, 12:40 AM
I noticed the same thing: I've gotten about 250 this evening!

I chatted with my ISP (AT&T) and they think it's Code Red.

I went through my log and http'd to 100 IPs 'cause I'm ****ed off about it! I got 13 web hits: 1 secure webserver, 1 stupid one, 1 email list site, and the rest were simple pages, or probably default installs that aren't in use ("under construction" or default IIS page).

It looks to me like it is Code Red mostly, but the email list site and the secure site BOTH make me wonder!

Thelemac
08-06-01, 12:45 AM
Hmm...hadn't thought to try that...probably because they're mainly from one computer, and they're all for either port 80 (web) or 113 (no clue)...

Like I said:
weird.

pii100
08-07-01, 11:28 PM
Word is that the floods are originating from IIS servers compromised with the Code Red worm. It is searching for other IIS servers to infect, I think, or maybe it's trying to crash the internet (hahahah). I am laughing for now at least.

Thelemac
08-08-01, 12:58 AM
Yeah, that is the impression that I got from other assorted posts around here. Seems to have stopped, though. Not that I could tell, anyway. :)

pii100
08-08-01, 01:42 AM
sounds like another phase may start in a little while

Kryten
08-08-01, 10:22 PM
From all I have heard, these are the symptoms of Code Red. Sorry to be the bearer of bad news, but I guess you already suspected as much.

Allan Nielsen
08-10-01, 06:26 PM
Nothing beats floodpinging a win95 computer from a linux computer over a LAN. 2 seconds and it will BSOD for sure! Win98 lasts at least twice as long... :) Win2k is another issue tho... :(

M@€$†®Ö™
08-10-01, 06:29 PM
Originally posted by Thelemac
Hmm...hadn't thought to try that...probably because they're mainly from one computer, and they're all for either port 80 (web) or 113 (no clue)...

Like I said:
weird.

Network Address Translation Application Protocol Information
Protocol: tcp
Port: AUTH (113)
Application: Identd Protocol

Maestro

M@€$†®Ö™
08-10-01, 06:32 PM
I have been getting a lot of fragmented IGMP packets lately. I wonder how long it will take for people running IIS 4.0 and IIS 5.0 to patch their servers?


Maestro

Thelemac
08-10-01, 11:21 PM
Originally posted by Allan Nielsen
Nothing beats floodpinging a win95 computer from a linux computer over a LAN. 2 seconds and it will BSOD for sure! Win98 lasts at least twice as long... :) Win2k is another issue tho... :(

Oddly enough, I have yet to crash a Windows computer by flood pinging...even with some gigantic packets (max size). Has always been on a hub though. I'll have to try it with my switch when I get Linux set up again (next few weeks) :)

Flanagun
08-12-01, 12:01 AM
If ya got Win 98 first edition, one minute of flooding will cause a reboot: no BSOD nor error msg, just a reboot. It's weird. But I doubt anyone here is running Win98 first edition though.

Thelemac
08-12-01, 02:00 AM
Actually, I am. I got my first computer just after it was released. (Well, a few months, anyway)

I'm pretty sure I tried that one. I'll have to try again, like I said.