> We also had the new overly "helpful" operating systems and a variety of > infected machines eating bandwidth.
How depressing. Does anybody have any good estimate on what % of machines were infected with one or more of the usual standard-equipment pieces of bandwidth-sucking malware? It's sad that at an IETF this is a problem, "preaching to the choir" and all that. On the other hand, it's not an IETF-only problem. I was at a SANS class we were hosting a few months ago on using tcpdump. So just for grins, I set up a little tcpdump script, and after about 2 hours, right before the lunch break, I announced "We have some 280 people in this lecture hall, and so far I've seen 97 MAC addresses on the wireless talking to POP-over-SSL on port 995, and 80 or so talking cleartext POP". Some guy in the back of the room asked if I was grabbing passwords, and I told him "I'm a white hat. I was gathering *only* SYN packets for statistical purposes. I have *no* idea what anybody *else* in this 100,000 square foot building was grabbing out of the air". It was pretty easy to identify the 80 or so then... all "deer in headlights" and tapping at keyboards furiously.. :)
pgp00000.pgp
Description: PGP signature