> in only one night, there have been 355 such packets logged, 133 > distinct source IP addresses total, most of them going for port 80 > do you have any idea why this could be?
Code Red is still in the wild: http://www.cert.org/advisories/CA-2001-23.html At least that's how I explain away the massive amount of probes on port 80 on my desktop-dialin-account machine which I get recently. regards, Volker -- The bottom-up approach always gets me buggered. -- Sidney J. Hurtubise
