Can you give me any information about which multicast group addresses were being attacked ?
I have seen very little sign of this worm in interdomain multicast; it does not seem
to be causing MSDP havoc the way that the RAMEN worm did.
Regards
Marshall Eubanks
On Saturday, January 25, 2003, at 06:00 AM, [EMAIL PROTECTED] wrote:
This one seemed to be particularly nasty as it was generating traffic to
multicast addresses too. It caused a nice flood on the switched ethernet
segment I had a vulnerable box on. (And took out a router in the process.
Great fun.)
William Astle
finger [EMAIL PROTECTED] for further information
Geek Code V3.12: GCS/M/S d- s+:+ !a C++ UL++++$ P++ L+++ !E W++ !N w--- !O
!M PS PE V-- Y+ PGP t+@ 5++ X !R tv+@ b+++@ !DI D? G e++ h+ y?
T.M. Eubanks Multicast Technologies, Inc. 10301 Democracy Lane, Suite 410 Fairfax, Virginia 22030 Phone : 703-293-9624 Fax : 703-293-9609 e-mail : [EMAIL PROTECTED] http://www.multicasttech.com
Test your network for multicast : http://www.multicasttech.com/mt/ Status of Multicast on the Web : http://www.multicasttech.com/status/index.html