I'm still getting hit like crazy.  I'm averaging around 50-100 hits an hour.  My cable modem light is constantly blinking and so is my router's wan (activity) light.

I have an IIS server (not really used, but for playing around with.)  It is patched and looking in the log, there are a lot of hits trying to overflow the buffer and infect the machine.  I didn't have any firewall/router and went out and bought the linksys dsl/cable router.  Great investment and piece of mind.  Works great.

Anyone else getting bombarded?

Nope, but I have a firewall...

Aviator  [img]www.dredgeearthfirst.com/aviator.gif[/img]

My ISP got hit with it three days ago (well, noticable to me anyway).  For two days it was like I had a 9600 baud modem instead of DSL.  Today is a much better day!

Lets see, in the last hour I've had 6 hits at port 80.  Not too bad.

I can guarantee you are getting hit... but you are blocking them.  But there is still a TON of bandwidth being taken up.  A lot of people on roadrunner (my provider) say it is effecting their gaming.  

bing, theres another hit. port 80 incomming

I've been getting hammered for a couple of days now.  ZoneAlarm is Maxing out at 500 alerts in less then five hours. My ISP(Cox) did some checking today and told me I was getting probed constantly from several other IP addresses. They also said they found Code Red on one of the machines that was hitting mine. They(Cox) also told me there has been an increase in this type of activity recently.

IMHO - The Media is glorifying hacking/cracking so every computer nerd around is trying to do it.  It's actually pretty easy with the latest crackware out there.

I've only had 322 suspicious pokes at my firewall in the last 90 days. not too many.

Aviator  [img]www.dredgeearthfirst.com/aviator.gif[/img]

I have noticed that in the last few days my cable modem has been active 24/7. I also have the Linksys router being used as a firewall. Even when I put the modem to "sleep" the router is showing activity which makes me think putting the modem to "sleep" does no good. When I look at my incoming log they are all port 80.

For the last week, I've been getting hammered by this email address:

Don Goertzen
[email protected]

The text is always:

Hi! How are you?
I send you this file in order to have your advice
See you later. Thanks

The file attached has different names, but always ends with: doc.lnk.

The best I can do with outlook express is have the email from this guy go straight to the delete file.

The good thing is code red and sirscam don't effect my operating system, even if it did get through, which it's not going to.

My ISP can't seem to block out the email address, and I've got no response from this guy's email provider, which is [url]www.myownmail.com[/url]  

I'm running wireless internet with Black Ice, and it blocks out all the scans and such.

Also in the last week, I've been getting http port scans about every 10 minutes from someone new, but it's all being blocked.

Before, I was lucky to get scanned once or twice a day.

My Black Ice is really getting a workout.

Jay
Arizona

"Life is hard:
It's harder if your stupid"

I'm not neccesarily getting hit all that bad until you consider that my ISP has acknowledged having major problems.


Within the past 2 weeks I had my ISP's mail server suddenly stop recognizing me(everything on my computer was configed properly) and it took my ISP two days to resolve my email problem.     Then just the other day their server that hosts the webpages, for all of it's members who have one, crashed big time and after reverting back to their backup files I couldn't log back in so that I could update my page again.   I had spent two days updating my page previous to when the host server crashed and all my updates were lost when they went to their backup files, not to mention the server stopped recognizing me again and it took awhile for my ISP to get their server to accept me again.


That was enough to piss me off just a tad.

...What the hell are you guys talking about ??? [:)]

My el cheapo $199 WebTV thingy for the "computer-challenged" is working just fine...[:)]

On Earthlink DSL here. Starting about a week ago have been getting 300+ hits a day on Port 80.

Before that it was about 50+ a day on Port 27374 (Sub7).

Damn kiddies need to find something better to do with their time!!

-rt

My firewall is getting blasted.  My log shows 100 hits in 3 hours.  I pity the fool without a firewall.  I sucks that this worm is sucking up all that bandwidth.  I heard that 2 Microsoft Hotmail servers got infected.  Most of the hits are coming on port 80, but port 27374 hit once in awhile.  There was some talk of creating an inoculation virus that would find infected servers and infect them with the patch.  The inoculated servers would find servers it infected and patch them too.

Like TriFin, I also have ZoneAlarm and Cox Cable and ZoneAlarm is maxing out at 500 alerts in 2 to 3 hours.  

% egrep 'NNNN|XXXX' access_log | wc -l
   982

I'm blocking about 80% of the attempts though through other means.

Glad it is not just me.  For the past four days my RD light on the cable modem has been at constant blink.  Hasn't seemed to effect performance too much, but I haven't been gaming this week.  Cable people said it was the code red virus.

Code Red Vigilante [url]www.dslreports.com/forum/remark,1253119;root=security,1;mode=flat[/url]