Thu, 14 Aug 2003
Two new records
Today I reached a new, low weight since starting my diet in April. I've lost exactly 35 pounds, now.
After work, I tackled the hill on Highway 27. I completed the 1.35 mile climb in 6:56.7. That's more than 2 minutes faster than the first climb I timed this year and an improvement of more than 30 seconds on my prior best time this year.
Is W32/Blaster cleaning up the Internet?
For the past few days, I've been scratching my head trying to figure out
why, all of a sudden, I don't see any HTTP exploit attempts in my logs.
I usually see 4-10 exploit attempts – a mixture of cmd.exe and
default.ida attempts. However, Sunday, 8/10 was the last time I saw any
such attempts in the logs.
It seems statistically improbable that this is just a normal lull in activity.
There is a possible explanation. Perhaps the W32/Blaster Worm (aka, LovSan) is responsible.
I assume the vast majority of exploit attempts come from Windows systems that have been compromised by worms like Nimba and Code Red. They are attempting to propagate themselves through HTTP exploits. If these same systems where taken down by W32/Blaster, then they aren't able to spread the other worms they host.
Because Blaster causes infected machines to crash, they will get the attention of their owners. Some will just remove W32/Blaster, leaving other worms intact. However, I expect most infected systems will get a more thorough cleaning, virus detection software installed, etc.
A side effect of W32/Blaster could be a much cleaner Internet.
I haven't verified this or seen this theory posted elsewhere, yet. I'll be hunting for verification.
About this weblog
This site is the personal weblog of Marc Mims. You can contact Marc
by sending e-mail to:
[email protected].
Marc writes here about cycling, programming, Linux, and other items of personal interest.
This site is syndicated with RSS.
Archives
Credits
CSS stolen from Tom Coates who didn't even complain.